• Online, Self-Paced

Explore how NIST SP800-61 r2 is used to process an incident event and the recommended incident handling process. Examine evidence handling, as documented in NIST SP800-86 and how to apply VERIS schema categories to incident handling events.

Learning Objectives

SECOPS: Handling Incident Events and Evidence

  • use NIST SP800-61 r2 incident handling to process an incident event and describe the recommended incident handling process
  • describe evidence handling as documented in NIST SP800-86 and its importance in forensics
  • describe how to apply VERIS schema categories to incident handling events

Framework Connections