This course provides an explanation of root cause analysis for cyber security incidents and an overview of two different root cause analysis models (and approaches used in these models). The course also describes how root cause analysis can benefit other incident management processes (response, prevention, and detection), and details general root cause analysis techniques that can be adopted as methods for analysis of cyber incidents.
Recognize the different approaches, methods and techniques available for conducting root cause analysis;
Identify how root cause cause analysis can benefit other processes and activities in the overall incident management overflow;
Explain when, why, and how to do root cause analysis;
Differentiate between presented industry analysis diagrams and taxonomies
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.