Most companies have a difficult time finding and hiring qualified Incident Response (IR) analysts. For that matter, many whom make their way into this hands-on security profession lack a solid foundation. In this course, Hands-On Incident Response Fundamentals, you'll be prepared to take on the task of IR by being presented with the core principles associated with the field. First, you'll learn to differentiate between commodity and Advanced Persistent Threat attack groups. Next, you'll discover how to review alerts, log files, and recognize common character encodings and carrier files. Finally, you'll cover how to use a hex editor effectively and work with indicators of compromise. By the end of this course, you'll be ready to take on the task of responding to events and incidents alike. Strong IR analysts must have a strong foundation, and that's exactly what this course intends to provide you.
The Nature of the Threat: Why Are We Here?
Common IR Tasks
Analyzing Files: Character Encodings, Carrier Files, and Hex Editors
Proactive IR: Intelligence, Indicators of Compromise, and Hunting
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.