SECOPS: Handling Incident Events & Evidence

Cisco SECOPS    |    Intermediate
  • 3 Videos | 1h 17m 52s
  • Includes Assessment
  • Earns a Badge
Explore how NIST SP800-61 r2 is used to process an incident event and the recommended incident handling process. Examine evidence handling, as documented in NIST SP800-86, and how to apply VERIS schema categories to incident handling events. This course can be used as part of the preparation for the 210-255: Implementing Cisco Cybersecurity Operations certification exam.

WHAT YOU WILL LEARN

  • describe a post-incident activity question
  • describe the NIST Computer Security Incident Handling Guide
  • identify the section of the SP 800-61 document that covers detection and analysis
  • identify the section of the SP 800-61 document that helps you prepare questions
  • describe sources of computer forensics data
  • identify external sources of computer forensics data
  • identify the NIST special publication document that covers forensics techniques
  • list the steps to perform data acquisition
  • list the steps to the forensics process
  • describe the tool used to identify actors, actions, and assets in the VERIS threat model
  • describe the VERIS schema documentation
  • describe VERIS
  • identify fields of data to document with incident tracking

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.
