Objectives

In this course, you willunderstand,assess and respond to security threats and operate a system and network security analysis platform. You will:

• Explain the importance of best practices in preparation for incident response

• Given a scenario, execute incident response process

• Explain general mitigation methods and devices

• Assess and comply with current incident response requirements

Outline

Lesson 1: Assessment ofInformation Security Risks

Topic A: TheImportance of Risk Management

Topic D: IntegratingDocumentation into Risk Management

Lesson 2: Response to Cybersecurity Incidents

Topic A: Deployment ofIncident Handling and Response Architecture

Topic B: Containmentand Mitigation of Incidents

Topic C: Preparationfor Forensic Investigation as a CSIRT

Lesson 3: Investigating Cybersecurity Incidents

Topic A: Use a Forensic Investigation Plan

Topic B: Securely Collect and AnalyzeElectronic Evidence

Topic C: Follow Up on the Results of an Investigation

Lesson 4: Complying with Legislation

−Examples of Legislation (if this is covered in above topics, no need to include here) GDPR, HIPPA, Elections

−Case study: Incident Response and GDPR(Using GDPR legislation, create a response that is compliant with it –this could be discussion-basedactivity as well.)

−StateLegislation Resources and Example

–Search terms to find state legislation

−Using NYS as example use the NYS Privacy Response act or other legislation to create a similar case study as previous.

−Provide answers on when to use federal versus state and do you have to follow both?

Target Audience

This course is designed primarily forIT leaders and company executives who are responsible for complying with incident response legislation. This course focuses on the knowledge, resources, and skills necessary to comply with incident response, and incident handling processrequirements.

Prerequisites

General understanding of cybersecurity concepts.