Preparing for an incident is a critical function of an information technology organization. Adequate preparation will help a business recover faster and get back to normal operations. This course covers the tasks and skills necessary to develop an incident response as well as the people necessary for an incident response team. It will also cover the role of forensic investigations in the incident response process.
- Create a prioritization scheme for identified events based on criticality determined during triage
- Identify and document issues of concern that resulted from the incident response as part of an after action review
- Critique an incident response plan in light of an after-action review and propose improvements to the plan
- Utilize a risk assessment to develop and document an incident response plan.