Preparing for an incident is a critical function of an information technology organization. Adequate preparation will help a business recover faster and get back to normal operations. This course covers the tasks and skills necessary to develop an incident response as well as the people necessary for an incident response team. It will also cover the role of forensic investigations in the incident response process.
Create a prioritization scheme for identified events based on criticality determined during triage
Identify and document issues of concern that resulted from the incident response as part of an after action review
Critique an incident response plan in light of an after-action review and propose improvements to the plan
Utilize a risk assessment to develop and document an incident response plan.
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.