CASP, Part 8 of 9: Incident Response
Interactive

CASP, Part 8 of 9: Incident Response

LearnNow Online
Updated Aug 21, 2018

Course description

What happens when things go horribly awry? That’s where incident response comes in, allowing you to take control and figure out the best solution to remedy the problem. Take an in-depth look at incident response, its best practices, and some methodologies and tools you can use, including the how, who and when aspects of the incident. Additionally, take a deep dive into the incident in a forensically sound manner making sure any evidence isn’t tampered with and could still be admissible in court. Though this course won’t make you a forensic investigator, it will give you a better understanding of the process so you can make sure you’re making the best decisions when handling an incident. This course is part of a series covering the CompTIA Advanced Security Practitioner (CASP).

Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.


Prerequisites

This course assumes that the student has familiarity with information technology and basic networking. The student should also be familiar with basic security concepts, whether through the CompTIA Advanced Security Practitioner Parts 1-6 or outside study. No scripting or “hacking” experience is required.


Meet the expert

David Bigger

David Bigger is the lead trainer at Bigger IT Solutions. He has been information technology for a little over 20 years and has been training all over the US. He has worked with companies like US Military, Lockheed Martin, General Dynamics, Dominos Pizza, University of Utah and Expedia

Video Runtime

61 Minutes

Time to complete

81 Minutes

Course Outline

Incident Response

Incident Response (40:17)

  • Introduction (00:23)
  • Incident Response (08:05)
  • Preparation (04:59)
  • Detection and Analysis (02:16)
  • Incident Analysis (03:33)
  • Documentation (03:11)
  • Incident Prioritization (01:31)
  • Incident Notification (02:03)
  • Containment, Eradication, and Recovery (04:00)
  • Evidence Gathering (01:34)
  • Identify the Attackers (02:51)
  • Eradication and Recvery (01:32)
  • Recovery (01:36)
  • Post-Incident Activities (01:02)
  • Lessons Learned (01:17)
  • Summary (00:15)

Incident vs. Event (07:29)

  • Introduction (00:24)
  • Incident vs. Event (01:51)
  • Incident (02:10)
  • Events (02:43)
  • Summary (00:19)

Forensics (14:10)

  • Introduction (00:28)
  • Forensics (01:04)
  • Computer Forensics (04:44)
  • Computer Forensics Readiness (02:57)
  • First Responder (01:22)
  • First Responder Tasks (02:23)
  • First Responder Continued (00:52)
  • Summary (00:15)