This course covers the duties of those who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a cybersecurity incident response team (CSIRT). The course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. Ultimately, the course promotes a comprehensive approach to security aimed toward those on the front lines of defense.
In this course, you will learn how to: Assess Information Security Risk. Analyze the Threat Landscape. Analyze Reconnaissance Threats to Computing and Network Environment. Analyze Attacks on Computing and Network Environments. Analyze Post-Attack Techniques. Manage Vulnerabilities in the Organization. Implement Penetration Testing to Evaluate Security. Collect Cybersecurity Intelligence. Analyze Log Data. Perfomr Active Asset and Network Analysis. Repsond to Cybersecurity Incidents. Investigate Cybersecurity Incidents.
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.