MMSCYBER005: Incident Response (3 Days)

Overview:

Incident Response

An organization’s ability to react when an incident occurs is the single most important factor in determining how much damage can be done to a system.  Students will understand how to manage security risk to organizational: systems, assets, data, and capabilities. Students will understand how to develop and employ strategies such as anti-malware, network security, and security monitoring. They will be able to identify when an incident occurs, how it occurred and the scale of the event. Students will be able to respond to incidents in a way that limits damage and reduces recovery expenditures via communication, analysis and mitigation. Students will learn about computer forensics and the role it plays in incident response. They will gain insight into restoring all capabilities and services affected by the incident.

Milli Micro Systems Incident Response course is designed to teach students the fundamental skills to handle a variety of incidents, with a strong focus on cyber security. The program is designed to follow the KnowPreventDetectRespondRecover framework as described by the National Institute of Standards and Technology (NIST). Students will learn the Incident Response Process; including response policies, procedures, and guidelines. Students will gain an understanding of the different response phases and how to react within each phase.

After taking this course, students will be able to:

  • Incorporate The Cybersecurity Framework for hardening network defenses against cyber attacks
  • Develop strategies for countering many of today’s most widely used cyber attacks
  • Implement intrusion detection/preventions systems
  • Understand the roles of the Incident Response Team
  • Implement the phases of incident response
  • Understand the requirements for developing an incident response plan
  • Develop and implement evidence handling procedures
  • Understand the role of industry regulations for incident respo