In this course, the candidate will learn how to plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents. This course helps prepare the student for the CISM exam Domain 4.
Security Incident Management (Part 1)
start the course
describe incident management concepts
define components of an incident response plan (IRP)
map the BCP and DRP to the IRP
specify methods for incident classification and categorization
define incident containment methods
describe notification and escalation processes
define roles and responsibilities in security Incidents
know IRT training, tools, and equipment
classify forensic requirements for handling evidence
Practice: Security Incident Management
describe security incident management
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.