Explore the fundamentals of security incident management, including methods for classifying incidents, roles, responsibilities, and training for incident response team members, and notification and escalation processes.
CISM: Information Security Incident Management Part 1
- describe incident management concepts
- define components of an incident response plan (IRP)
- map the BCP and DRP to the IRP
- specify methods for incident classification and categorization
- definine incident containment methods
- describe notification and escalation processes
- define roles and responsibilities in security incidents
- know IRT training, tools and equipment
- classify forensic requirements for handling evidence
- describe security incident management
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.