CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response
Description
This course prepares you for the Operations and Incident Response domain of the Security+ exam, covering incident responses and investigations, as well as digital forensic techniques.
Tags
Syllabus
Syllabus IntroductionOperations and incident responseWhat you need to knowStudy resources1. Incident Response ProgramsBuild an incident response programCreating an incident response teamIncident communications planIncident identificationEscalation and notificationMitigationContainment techniquesIncident eradication and recoveryValidationPost-incident activitiesIncident response exercises2. Attack FrameworksMITRE ATT&CKDiamond Model of Intrusion AnalysisCyber kill chain analysis3. Incident InvestigationLogging security informationSecurity information and event managementCloud audits and investigations4. Forensic TechniquesConducting investigationsEvidence typesIntroduction to forensicsSystem and file forensicsFile carvingCreating forensic imagesDigital forensics toolkitOperating system analysisPassword forensicsNetwork forensicsSoftware forensicsMobile device forensicsEmbedded device forensicsChain of custodyEdiscovery and evidence productionExploitation frameworksConclusionContinuing your studies Read more
Related Courses
Related Books
![](https://d3f1iyfxxz8i1e.cloudfront.net/courses/course_image/6948ab57acd4.jpeg)
CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response
-
Provider