Security Incident Triage

IT Security | Intermediate

14 videos | 51m 44s
Includes Assessment
Earns a Badge

(56)

Explore the importance of security incident triage in handling incidents in a timely and automated manner, in this 14-video course, which familiarizes learners with anomalies and activities that often require triage. Key concepts covered in this course include security triage fundamentals and the strategies to implement triage; tools used in security triage; and automation techniques and common tips and rules of thumb for security triage. Next, you will explore the importance of communication and stakeholder management in security triage; examine the approaches to detecting anomalies and handling them with security triage; and learn about common protocol anomalies that require triage. Continue by exploring the different levels of monitoring for incidents in security triage while looking at network monitoring of traffic, bandwidth, and the various protocols used; learn to analyze SSH activity and security events to look for; and learn how to analyze DNS activity, HTTPS activity, and system log activity. Finally, learn how to describe security events to look for in each activity.

WHAT YOU WILL LEARN

Discover the key concepts covered in this course

Describe the concepts of security triage and strategies to implement triage

Describe the tools used in security triage

Describe automation techniques in security triage

Describe common tips and rules of thumb for security triage

Describe the importance of communication and stakeholder management in security triage

Describe approaches to detecting anomalies and handling them with security triage
Describe common protocol anomalies that require triage

Describe monitoring for incidents in security triage

Analyze ssh activity and describe security events to look for

Analyze dns activity and describe security events to look for

Analyze https activity and describe security events to look for

Analyze system log activity and describe security events to look for

Summarize the key concepts covered in this course

IN THIS COURSE

1m 18s

FREE ACCESS
4m 31s

After completing this video, you will be able to describe the concepts of security triage and strategies for implementing triage. FREE ACCESS
3. Security Triage Tools

2m 59s

After completing this video, you will be able to describe the tools used for security triage. FREE ACCESS
4. Security Triage Automation

3m 20s

After completing this video, you will be able to describe automation techniques used in security triage. FREE ACCESS
5. Security Triage Tips

4m 28s

Upon completion of this video, you will be able to describe common tips and rules of thumb for security triage. FREE ACCESS
6. Security Triage Stakeholders

3m 12s

After completing this video, you will be able to describe the importance of communication and stakeholder management in security triage. FREE ACCESS
7. Detecting Anomalies

3m 17s

After completing this video, you will be able to describe approaches to detecting anomalies and handling them through security triage. FREE ACCESS
8. Protocol Anomalies

4m 45s

Upon completion of this video, you will be able to describe common protocol anomalies that require investigation. FREE ACCESS
9. Monitoring for Incidents

3m 25s

After completing this video, you will be able to describe monitoring for incidents during security triage. FREE ACCESS
10. Analyzing for SSH Activity

4m 46s

In this video, you will learn how to analyze SSH activity and describe security events to look for. FREE ACCESS
11. Analyzing for DNS Activity

5m 19s

In this video, you will analyze DNS activity and describe security events to look for. FREE ACCESS
12. Analyzing for HTTPS Activity

5m 21s

Find out how to analyze HTTPS activity and describe security events to look for. FREE ACCESS
13. Analyzing for Log Activity

4m 23s

Find out how to analyze system log activity and describe security events to look for. FREE ACCESS
14. Course Summary

42s

FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

Course Certified in Cybersecurity (CC): Incident Response

(91)

Course Certified in Cybersecurity (CC): Security Governance, Policies, & Controls

(123)

Course CompTIA Cybersecurity Analyst+: Network Security Concepts

(5)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Cyber Security Audits

(434)

Course Ethical Hacker: Incident Response

(16)

Course Information Security Incident Management Part II

(52)

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills & Salary Report

ESG Impact Report

Security Incident Triage

WHAT YOU WILL LEARN

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

YOU MIGHT ALSO LIKE

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE