Final Exam: Incident Response Leader
- 1 video | 32s
- Includes Assessment
- Earns a Badge
Final Exam: Incident Response Leader will test your knowledge and application of the topics presented throughout the Incident Response Leader track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.
WHAT YOU WILL LEARN
recognize best security practices for the Internet of Thingsdescribe the Zero Trust Architecture and how to apply to the Zero Trust Modelrecognize various security architecture models such as the Zero Trust Model, the intrusion kill chain, and the diamond model of intrusion analysisDemonstrate how to assess the monitoring process and how to perform a security configuration evaluationDemonstrate the open source and Commercially available tools that are used for patch managementdescribe different incidence response scenarios and how an organization should respond with their incident response teamrecognize Zero Trust challenges, problems, and concernsdescribe how incident response is managed across various enterprise organizations, providing examples of cases where incident response policies are managedidentify the purpose of an incident response plan and the costs of not having one in placeDescribe the steps to creating the appropriate conformance program for an organizationdescribe the security risks and best practices for transitioning to the clouddescribe how an incident response plan is created and what to include in it, including planning scenarios and recovery objectivesrecognize how preemptive troubleshooting is different than intrusion detection systemsDemonstrate the techniques used to identify and calculate risk with regards to a conformance programdescribe how indicators of compromise can help reduce exploits in an environmentuse tools to troubleshoot hardware and policies to prevent security compromiseDemonstrate challenges organizations face today in monitoring systems configurations and how they can be overcomeDescribe the security controls for monitoring systems configurations in the cyber frameworkrecognize what roles to assign to each member of an incident response team and describe how team members would be engaged in various scenariosDescribe the process in implementing a secure systems configurations monitoring programupdate hardware and recognize the importance of doing soupdate software and recognize the importance of doing soDemonstrate the relation of patch management in an Agile environmentrecognize when to create a CSIRT and who should be on that teamrecognize concerns of moving to the security first mindset and de-perimeterization problemsDescribe the various cybersecurity frameworks and which regulations relate to an organizationDemonstrate how to prioritize and rate the importance of patches for the software development environment.describe governance policy, roles and responsibilities, and them purpose of incident response planningidentify the different purposes of the different roles on a CSIRTDescribe the importance of using external experts to assist with your conformance program
Demonstrate the actions taken when a incident occurs with regards to regulation conformanceDescribe the Process of Baselining, hardening, and how to develop a backout planDescribe regulation conformance and its importance in an organization and incident responsedescribe the tools available in incident response strategies including the three As in incident response and the OODA Loopidentify how a security operations center can be a vital asset to an organizationDefine patch management for incident response. Describe the concept of patch management and how it affects the incident response team and the Security Operations Center (SOC)recognize the best security places for network devices such as Next-Generation Firewalls, Network Intrusion Detection and Prevention Systems, and Distributed Denial of Service AttacksDemonstrate tips and tricks to keep up to date with rapidly changing laws and how to keep staff informed as change is implementeddescribe the incident phases that an incident policy must address and the six stages in an incident response policyDescribe the concept of patching for serverless systems and benefits of patching strategies using serverless systemsrecognize traditional infrastructure deficiencies, such as perimeter exploitation and de-perimeterization as a result of moving to the cloudrecognize the impact of software-defined networking, virtual networking, and micro-segmentation to network securitydescribe elements of an incident response policy and how it governs an incident response teamDescribe the various tools and software available to monitor systems and their advantages for incident responselist the steps to create incident response policies, plans, and proceduresDescribe briefly the Configuration Management process and how it can possess an influence in securing systems configuration for incident responseDescribe the process of rolling out patches in a patch management program and the polices for patch updatesDemonstrate the methods in monitoring releases and deliveries throughout the Software Development Lifecycle (SDLC)Describe testing, and configuration management in patch managementdescribe preemptive troubleshooting and how it applies to security and SecOpsDescribe the benefits of a patch management strategy and why its importantdescribe policies and procedures for keeping systems secure in preemptive troubleshootingdiscuss the elements of an incident response policyDemonstrate situations where an incident occurs for the need of legal communication or when Internal communication is necessary when handling incidentsdescribe the concept of a Computer Security Incident Response Team, what a team is compromised of, models and their purpose, and the benefits of outsourcing and having a CSIRT internallyrecognize the importance of securing network appliances and the top network security risksDescribe continuous monitoring in risk management including the three tier approach and how it relates to monitoring systems configurationDemonstrate examples of internal and external incidents and breaches and how conformance in each example applies to a DevOps environmentuse password policies to enforce complianceDemonstrate the process of minor, major, and unknown configuration changes. What it means to an organization with unknown or minor changes for incident response and how its prioritized in an incident strategy
IN THIS COURSE
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.Digital badges are yours to keep, forever.
YOU MIGHT ALSO LIKE
Course Final Exam: Scrum Master