Security Incident Triage
IT Security | Intermediate
- 14 Videos | 51m 44s
- Includes Assessment
- Earns a Badge
Explore the importance of security incident triage in handling incidents in a timely and automated manner, in this 14-video course, which familiarizes learners with anomalies and activities that often require triage. Key concepts covered in this course include security triage fundamentals and the strategies to implement triage; tools used in security triage; and automation techniques and common tips and rules of thumb for security triage. Next, you will explore the importance of communication and stakeholder management in security triage; examine the approaches to detecting anomalies and handling them with security triage; and learn about common protocol anomalies that require triage. Continue by exploring the different levels of monitoring for incidents in security triage while looking at network monitoring of traffic, bandwidth, and the various protocols used; learn to analyze SSH activity and security events to look for; and learn how to analyze DNS activity, HTTPS activity, and system log activity. Finally, learn how to describe security events to look for in each activity.
WHAT YOU WILL LEARN
- discover the key concepts covered in this course
- describe the concepts of security triage and strategies to implement triage
- describe the tools used in security triage
- describe automation techniques in security triage
- describe common tips and rules of thumb for security triage
- describe the importance of communication and stakeholder management in security triage
- describe approaches to detecting anomalies and handling them with security triage
- describe common protocol anomalies that require triage
- describe monitoring for incidents in security triage
- analyze SSH activity and describe security events to look for
- analyze DNS activity and describe security events to look for
- analyze HTTPS activity and describe security events to look for
- analyze system log activity and describe security events to look for
- summarize the key concepts covered in this course
IN THIS COURSE
1. Course Overview | 1m 18s
2. Security Triage Strategy | 4m 31s
3. Security Triage Tools | 2m 59s
4. Security Triage Automation | 3m 20s
5. Security Triage Tips | 4m 28s
6. Security Triage Stakeholders | 3m 12s
7. Detecting Anomalies | 3m 17s
8. Protocol Anomalies | 4m 45s
9. Monitoring for Incidents | 3m 25s
10. Analyzing for SSH Activity | 4m 46s
11. Analyzing for DNS Activity | 5m 19s
12. Analyzing for HTTPS Activity | 5m 21s
13. Analyzing for Log Activity | 4m 23s
14. Course Summary | 42s
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.