Performing Incident Response and Handling

In this course, you’ll explore the countless aspects of incident response and how you can plan and design a process for responding to the breach that is coming sooner or later to your organization.
Course info
Rating
(10)
Level
Beginner
Updated
Dec 19, 2018
Duration
5h 19m
Table of contents
Course Overview
Preparing for Incident Response and Handling
Incident Response Processes
The Workflow of Incident Response
Networks and Host Attacks
Service and Application Attacks
Malicious Code and Insider Threats
Description

It’s not a matter of “if”, but rather “when” an attack is going to happen. No matter what you know or do, the hard truth is there's no guaranteed way to stop an attacker from penetrating your organization. Once you’ve accepted that an attack will be unavoidable, your job now becomes "How do I respond to these situations?". This is where the role of an "Incident Responder" comes into play. What do you do when a system or device has been targeted? Well, that depends on the incident itself. In this course, Performing Incident Response and Handling, you'll start by making sure that you and your organization are prepared by learning about each of the security policies that you should have in place to clarify and focus everyone on the importance of keeping your resources secure. First, you'll learn about the actual process of detecting incidents and how to respond to them. Next, you'll explore the actual workflow steps that every security professional should follow to make sure you are consistent with all incidents that are currently affecting you as well as future ones. Finally, you'll dive into some of the more common incidents that take place in your networks by looking at how to handle and respond to issues like a DoS, a Session Hijack, or even Malicious Code. By the end of this course, you'll understand what is needed to help keep your network more secure by being more proactive and aware of what's happening in your environment.

About the author

Dale Meredith received his Certified Ethical Hacker and Certified EC-Council Instructor certifications back in 2006, and has been a Microsoft Certified Trainer since 1998 (yes, we had computers back then). Dale takes great pride in helping students comprehend and simplify complex IT concepts.

Section Introduction Transcripts

Course Overview
Hi everyone. My name is Dale Meredith, and I'd like to welcome you to my course, Performing Incident Response and Handling. This is an exciting course because it actually covers three certification domains from CSA+ to GCIH, as well as ECIH. Now I know, it's a bargain. It's a three-for-one deal. Now I personally have been a Microsoft trainer since 1998, as well as a cybersecurity trainer and consultant. I've worked with several corporate 500 companies, as well as the Department of Homeland Security on several different projects. I'd tell you about them, but then I'd have to kill you. So listen, if your organization experiences any incidences that aren't properly contained and handled, it's going to escalate into a bigger problem that eventually could lead to a data breach or even system failures. Responding to any incident rapidly will help your organization minimize losses, as well as mitigate any vulnerabilities and restore services and processes as quickly as possible, as well as reduce the risk of being attacked in the future. Incident response allows an organization to be equipped for the unknown and is a dependable method for detecting a security incident instantly when it occurs. In this course, we'll talk and teach you about how to respond to major incidences that can cripple an organization. We'll also talk about some best practices for each type of issue to help stop the intrusion before it causes damage. Plus, if you're familiar with my other courses, you know we'll have some fun along the way. Some of the topics that we'll actually cover in this particular course include the actual workflow of what you should follow during an incident response. It'll kind of help you keep organized. We'll also look at some of the major symptoms, the defenses, and what to do when an incident happens. Oh, it's going to happen, trust me.
Need a policy? I've got a whole module that's going to give you a complete list of all the policies that your organization should have in place. By the end of this course, you should have a great understanding of how to prepare yourself and your company or organization for an incident, as well as be able to identify different signs that could actually end up warning you that you've had an incident or one's coming your way. We'll also make sure that you understand how to handle some of the more common issues, as well as how to stop them from happening. Spoiler alert, you can't stop them. But you can be good to go if anything happens. Now before beginning this course, you should be familiar with some basic network topologies and technologies, such as TCP/IP, devices like routers and switches, as well as you should be familiar with different operating systems, such as Windows and Linux. No, I'm not going to quiz you, but we do do some demos in those operating systems. After you've finished this course, you should feel comfortable diving into the other courses within this series, such as the Performing and Analyzing Network Reconnaissance or even branching out a bit and taking a look at the Ethical Hacking series. I hope you'll join me on this adventure in learning with Performing Incident Response and Handling course here, at Pluralsight.