SECOPS: Handling Incident Events & Evidence
Cisco SECOPS | Intermediate
- 3 Videos | 1h 17m 52s
- Includes Assessment
- Earns a Badge
Explore how NIST SP800-61 r2 is used to process an incident event and the recommended incident handling process. Examine evidence handling, as documented in NIST SP800-86, and how to apply VERIS schema categories to incident handling events. This course can be used as part of the preparation for the 210-255: Implementing Cisco Cybersecurity Operations certification exam.
WHAT YOU WILL LEARN
- describe a post-incident activity question
- describe the NIST Computer Security Incident Handling Guide
- identify the section of the SP 800-61 document that covers detection and analysis
- identify the section of the SP 800-61 document that helps you prepare questions
- describe sources of computer forensics data
- identify external sources of computer forensics data
- identify the NIST special publication document that covers forensics techniques
- list the steps to perform data acquisition
- list the steps to the forensics process
- describe the tool used to identify actors, actions, and assets in the VERIS threat model
- describe the VERIS schema documentation
- describe VERIS
- identify fields of data to document with incident tracking
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform. Digital badges are yours to keep, forever.