Covers security incidents and intrusions, including identifying and categorizing incidents; responding to incidents; log analysis; network traffic analysis; tools; and creating an incident response team.
Detect and characterize various types of computer and network incidents
Detect and analyze malware
Demonstrate a practical understanding of the analysis of artifacts left on a compromised system
Demonstrate an understanding of how to effectively respond to major event incidents
Demonstrate the ability to communicate incident response findings to technical and non-technical personnel
Demonstrate an understanding of host-based intrusion detection systems and honeypots
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.