Covers security incidents and intrusions, including identifying and categorizing incidents; responding to incidents; log analysis; network traffic analysis; tools; and creating an incident response team.
- Detect and characterize various types of computer and network incidents
- Detect and analyze malware
- Demonstrate a practical understanding of the analysis of artifacts left on a compromised system
- Demonstrate an understanding of how to effectively respond to major event incidents
- Demonstrate the ability to communicate incident response findings to technical and non-technical personnel
- Demonstrate an understanding of host-based intrusion detection systems and honeypots