• Classroom
Course Description

Computer security incident response has become an important component of a broader organizational information technology (IT) program.

Implementing a robust incident management planning process is an essential piece of an organization's business continuity and disaster recovery planning initiative. Cybersecurity-related attacks, along with an abuse of evolving technologies aimed at infiltrating government and private industry IT infrastructures, have become not only more numerous and diverse but also more frequent, damaging, and disruptive.

An incident handling and response capability is therefore necessary for rapidly detecting incidents, minimizing loss and destruction, mitigating the weaknesses that were exploited, and restoring IT services.

A proactive incident identification, handling, and response process, with accompanying procedures, is a vital piece of a comprehensive, enterprise-wide business continuity and disaster recovery program.

To that end, this course provides an examination of incident management, planning, and handling, and the steps essential to protecting, defending, and sustaining an organization's critical business functions and IT infrastructure.

Learning Objectives

After completing Part 4 of this course, participants will be able to:

  • Formulate the basic set of activities relating to the incident handling process.
  • Identify the essential components of an incident response policy.
  • Develop the correct sequencing of activities during the incident handling process.
  • Recognize the importance of following well-defined processes, policies, and procedures.
  • Critically analyze and assess the impact of incidents on the organization's essential business services and critical IT infrastructure.
  • Comprehend the technical, communication, and coordination issues involved in the incident handling process.
  • Understand incident management activities, including the types of activities and interactions associated with incident handling.
  • Summarize incident handling and response methodologies.

Framework Connections

The materials within this course focus on the Knowledge, Skills, and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.