CISM Cert Prep: 4 Information Security Incident Management

Description

Study for the Incident Management domain of the CISM certification exam, which tests your ability to identify, triage, and resolve security incidents.

Syllabus

Introduction
  Information security incident management
  What you need to know
  Study resources

1. Incident Response
  The manager's role in incident response
  Creating an incident response team

2. Assessing Incidents
  Identifying and classifying security incidents
  Threat classification
  Zero days and the advanced persistent threat
  Determining incident severity

3. Incident Response Process
  Build an incident response program
  Incident communications plan
  Incident identification
  Escalation and notification
  Mitigation
  Containment techniques
  Incident eradication and recovery
  Validation
  Lessons learned and reporting

4. Incident Symptoms
  Network symptoms
  Rogue access points and evil twins
  Endpoint symptoms
  Application symptoms

5. Forensic Investigations
  Conducting investigations
  Evidence types
  Introduction to forensics
  System and file forensics
  Creating forensic images
  Digital forensics toolkit
  Operating system analysis
  Password forensics
  Network forensics
  Software forensics
  Mobile device forensics
  Embedded device forensics
  Chain of custody
  Ediscovery and evidence production

6. Logging and Monitoring
  Correlating security event information
  Continuous security monitoring
  Data loss prevention

Conclusion
  Next steps
