In this course, the candidate will learn how to plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents. This course helps prepare the student for the CISM exam Domain 4.
Security Incident Management (Part 2)
start the course
describe incident reporting requirements and procedures
define post-incident review practices and investigations
quantify damages, costs and business impacts
detect, log, analyze and document events
classify resources for investigation of incidents
identify impact of changes to the environment
know techniques to test the incident response plan
specify regulatory, legal and organization requirements
define KPIs and metrics to evaluate the response plan
Practice: Define InfoSec security management
define InfoSec security management
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.