Incident Response and Investigation from University of New Hampshire

Incident Response and Investigation

This course fosters cybersecurity incident response and investigative knowledge, from both the organizational and system perspective. Material includes laws, standards, codes of behavior and best practices for incident response, including the management of relationships (e.g., regulators, clients, vendors). Case studies are presented and discusses in light of organizational resource limitations, legal mandates, and jurisdictional boundaries.

Course Overview

Overall Proficiency Level

2 - Intermediate

Course Prerequisites

CPRM 810, CPRM 830, CPRM 850

Training Purpose

Functional Development

Management Development

Specific Audience

Academia

All

Contractor

Federal Employee

General Public

Delivery Method

Online, Instructor-Led

National CAE Designated Institution

Online, Instructor-Led

Learning Objectives

With successful completion of this course, students are able to: 1. Situate cybersecurity incident response and investigation within an organization’s overall incident response policies and processes. 2. Identify rules and best practices for reporting or otherwise communicating information about cybersecurity events and incidents. 3. Identify concepts and methods for effective containment and mitigation of cybersecurity incidents. 4. Articulate the roles of common tools and techniques for investigating and analyzing cybersecurity incidents. 5. Explain and give examples of the differing mandates and priorities in the communities of interest for incident response and investigation (e.g., CERTs and CSIRTs, law enforcement agencies, regulators, vendors, intelligence community, etc.).

Framework Connections

Oversight and Governance

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Competency Areas

Work Roles

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.