Security Incident Triage

IT Security    |    Intermediate
  • 14 Videos | 51m 44s
  • Includes Assessment
  • Earns a Badge
Likes 18 Likes 18
Explore the importance of security incident triage in handling incidents in a timely and automated manner, in this 14-video course, which familiarizes learners with anomalies and activities that often require triage. Key concepts covered in this course include security triage fundamentals and the strategies to implement triage; tools used in security triage; and automation techniques and common tips and rules of thumb for security triage. Next, you will explore the importance of communication and stakeholder management in security triage; examine the approaches to detecting anomalies and handling them with security triage; and learn about common protocol anomalies that require triage. Continue by exploring the different levels of monitoring for incidents in security triage while looking at network monitoring of traffic, bandwidth, and the various protocols used; learn to analyze SSH activity and security events to look for; and learn how to analyze DNS activity, HTTPS activity, and system log activity. Finally, learn how to describe security events to look for in each activity.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
    describe the concepts of security triage and strategies to implement triage
    describe the tools used in security triage
    describe automation techniques in security triage
    describe common tips and rules of thumb for security triage
    describe the importance of communication and stakeholder management in security triage
    describe approaches to detecting anomalies and handling them with security triage
  • describe common protocol anomalies that require triage
    describe monitoring for incidents in security triage
    analyze SSH activity and describe security events to look for
    analyze DNS activity and describe security events to look for
    analyze HTTPS activity and describe security events to look for
    analyze system log activity and describe security events to look for
    summarize the key concepts covered in this course

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

COURSE Planning Measures: Incident Response Planning
Likes 10 Likes 10  
BOOK Cyber Threat Intelligence: The No-Nonsense Guide for CISOs and Security Managers
COURSE Security Software Assessments
Likes 9 Likes 9  

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

COURSE Certified Information Systems Auditor (CISA) 2019: Information System Auditing
Likes 189 Likes 189  
COURSE Cloud Security Fundamentals: Basics of Cloud Operations
Likes 245 Likes 245  
COURSE End-User Security: The Security Administrator Perspective
Likes 28 Likes 28