Incident Response (Blue Teaming) from Technical College of the Lowcountry

Incident Response (Blue Teaming)

This course introduces the skills and techniques necessary to detect, respond and recover from cyber incidents. The goal is to learn to integrate business continuity / disaster recovery plans into the incident response process. This is a writing intensive course, which requires each student to individually document cyber security incidents and communicate the impact of those incidents to the organization. Peer writing evaluation will help students to consider how effective their written communication skills are.

Course Overview

Overall Proficiency Level

2 - Intermediate

Course Prerequisites

Yes

Training Purpose

Skill Development

Specific Audience

All

Delivery Method

Classroom

Online, Instructor-Led

Online, Self-Paced

Course Location

921 Ribaut Road
Building 14
Beaufort, SC 29901

Course Location Map

Your Location
Providers
Courses
Course and Provider Quantity

Classroom
Online, Instructor-Led
Online, Self-Paced

Learning Objectives

Define & Explain Information Security and the role of policy / procedures
Identify and explain the basic concepts and phases of risk management.
Discuss key laws, regulations, and standards associated with contingency planning.
Define business impact analysis and describe each of its components
Explain the strategies employed for resumption of critical business processes at alternate and recovered sites.
Identify the activities and deliverables used in an incident response policy and explain how policy affects the process.
Describe the purpose and function of the CSIRT.
Perform network traffic analysis and sniffing by using appropriate tools.
Perform incident handling by using appropriate methods.
Identify security controls and defensive technologies.

Framework Connections

Protection and Defense

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Competency Areas

Work Roles

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.