Certified Information Security Manager CISM (Part 4 of 4): Incident Management
Interactive

Biz Library
Updated Jan 21, 2020

This course covers the different parts of incident management: overview, organization, resources, ways of measuring it, procedures, the current state of incident response capability, and how to develop an incident response plan. You will also learn how to coordinate with disaster recovery and responsibility and discovery plans and testing. It wraps up with post-incident activities and investigation. This course contains the following lessons:

Lesson 1:

  • Introduction to Incident Management
  • Incident Management Overview
  • Types of Events
  • Types of Events Continued
  • Goals of Incident Management
  • BCP and DRP
  • Goals of Incident Management Continued.

Lesson 2:

  • Introduction to Incident Response Planning
  • Importance of Incident Management
  • Outcomes of Incident Management
  • Incident Management
  • Concepts
  • Concepts Continued
  • Incident Response
  • Incident Management Systems.

Lesson 3:

  • Introduction to Incident Management Organization
  • Incident Management Organization
  • Responsibilities
  • Responsibilities Continued
  • Defining Security Incidents
  • Senior Management Commitment.

Lesson 4:

  • Policies and Standards
  • Incident Response Technology Concepts
  • Personnel
  • Roles and Responsibilities
  • Skills
  • Awareness and Education
  • Audits.

Lesson 5:

  • Defining Objectives
  • The Desired State
  • Strategic Alignment
  • Other Concerns.

Lesson 6:

  • Defined Responsibilities
  • Management Metrics and Monitoring
  • Metrics and Monitoring Continued
  • Other Things to Monitor.

Lesson 7:

  • Threats
  • Vulnerabilities.

Lesson 8:

  • Elements of an Incident Response Plan
  • Gap Analysis
  • BIA
  • BIA Continued
  • Escalation Process for Effective IM
  • Identifying Security Incidents
  • Incident Management and Response Teams
  • Organizing, Training, and Equipping Response Staff
  • Incident Notification Process
  • Incident Management Plan Challenges.

Lesson 9:

  • Goals of Recovery Operations
  • Mobile Sites
  • Choosing a Site Selection
  • Recovery Plan
  • Incident Management Response Teams
  • Network Service High Availability
  • Storage High Availability
  • Risk Transference
  • BCP and DRP.

Lesson 10:

  • Periodic Testing
  • Testing IT Infrastructure
  • Analyze Test Results
  • Measuring the Test Results.

Lesson 11:

  • Updating the Plan
  • Intrusion Detection Policies
  • Who to Notify About an Incident
  • Recovery Operations
  • Other Operations
  • Forensic Investigation
  • Hacker/Penetration Methodology
  • Hacker/Penetration Methodology Continued.