• Online, Self-Paced
Course Description

Explore selective auditing, which provides valuable insights to activity on a network, and also Incident response plans, which are proactive measures used to deal with negative events.

Learning Objectives

Cybersecurity 101: Auditing & Incident Response

  • Course Overview
  • list best practices related to IT security auditing
  • use Group Policy to enable file system auditing
  • scan hosts for security weaknesses from Windows
  • scan hosts for security weaknesses from Linux
  • describe the importance of securing mobile devices
  • centrally apply security settings to mobile devices
  • configure Amazon Web Services to use multifactor authentication
  • recognize how security is applied to applications from design to use
  • use file hashing to detect modifications
  • specify actions used when dealing with security incidents
  • view a packet capture to identify suspicious activity
  • centrally apply security settings

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.