Security Incident Triage

IT Security    |    Intermediate
  • 14 Videos | 51m 44s
  • Includes Assessment
  • Earns a Badge
Likes 18 Likes 18
Explore the importance of security incident triage in handling incidents in a timely and automated manner, in this 14-video course, which familiarizes learners with anomalies and activities that often require triage. Key concepts covered in this course include security triage fundamentals and the strategies to implement triage; tools used in security triage; and automation techniques and common tips and rules of thumb for security triage. Next, you will explore the importance of communication and stakeholder management in security triage; examine the approaches to detecting anomalies and handling them with security triage; and learn about common protocol anomalies that require triage. Continue by exploring the different levels of monitoring for incidents in security triage while looking at network monitoring of traffic, bandwidth, and the various protocols used; learn to analyze SSH activity and security events to look for; and learn how to analyze DNS activity, HTTPS activity, and system log activity. Finally, learn how to describe security events to look for in each activity.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
    describe the concepts of security triage and strategies to implement triage
    describe the tools used in security triage
    describe automation techniques in security triage
    describe common tips and rules of thumb for security triage
    describe the importance of communication and stakeholder management in security triage
    describe approaches to detecting anomalies and handling them with security triage
  • describe common protocol anomalies that require triage
    describe monitoring for incidents in security triage
    analyze SSH activity and describe security events to look for
    analyze DNS activity and describe security events to look for
    analyze HTTPS activity and describe security events to look for
    analyze system log activity and describe security events to look for
    summarize the key concepts covered in this course

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

COURSE SecOps Tools and 2021 Security Incidents: Colonial Pipeline
COURSE Planning Measures: Incident Response Planning
Likes 10 Likes 10  
COURSE Intelligent Orchestration: Automating Security Incident Processing
Likes 12 Likes 12  

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

COURSE Session & Risk Management
Likes 76 Likes 76  
COURSE Security Rules: Rules of Engagement
Likes 23 Likes 23  
COURSE Auditing & Incident Response
Likes 55 Likes 55