CySA+ Cert Prep: 3 Cyber Incident Response

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 2h 03m | 317 MB

CySA+ is a highly desirable, intermediate certification that shows you know how to prevent, detect, and combat a multitude of modern cybersecurity threats. CySA+ Cert Prep: 3 prepares students for domain three, Cyber Incident Response, which constitutes 23% of the questions on the exam. Follow along with instructor Mike Chapple and learn about classifying threats and assessing the impact of cybersecurity incidents. The course also covers the importance of communication during a cybersecurity incident response effort, analyzing the symptoms of an incident in progress, the use of forensic tools, and the incident recovery and post-recovery processes. Completing this course, along with the other six courses in the series, will help you prepare to become a CompTIA Cybersecurity Analyst and ensure that your organization is properly insulated from risk.

Topics include:

  • Identifying and classifying security incidents
  • Determining incident severity
  • Building an incident response program
  • Notification, mitigation, recording, and reporting
  • Incident symptoms
  • Conducting forensic investigations
  • Password, network, software, and device forensics

Table of Contents

Introduction
1 Welcome
2 What you need to know

Assessing Incidents
3 Identifying and classifying security incidents
4 Threat classification
5 Zero days and the advanced persistent threat
6 Determining incident severity

Incident Response Process
7 Build an incident response program
8 Incident communications plan
9 Incident identification
10 Escalation and notification
11 Mitigation
12 Containment techniques
13 Incident eradication and recovery
14 Validation
15 Lessons learned and reporting
16 Creating an incident response team

Incident Symptoms
17 Network symptoms
18 Rogue access points and evil twins
19 Endpoint symptoms
20 Application symptoms

Forensic Investigations
21 Conducting investigations
22 Evidence types
23 Introduction to forensics
24 System and file forensics
25 Creating forensic images
26 Digital forensics toolkit
27 Operating system analysis
28 Password forensics
29 Network forensics
30 Software forensics
31 Mobile device forensics
32 Embedded device forensics
33 Chain of custody
34 Ediscovery and evidence production

Next Steps
35 Next steps