Performing Incident Response and Handling

English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 5h 20m | 522 MB

In this course, you’ll explore the many aspects of incident response and learn how to plan and design a process for responding to the breach that is coming, sooner or later, to your organization.

It’s not a matter of “if”, but rather “when” an attack is going to happen. No matter what you know or do, the hard truth is that there’s no guaranteed way to stop an attacker from penetrating your organization. Once you’ve accepted that an attack is unavoidable, your job becomes answering the question “How do I respond to these situations?”. This is where the role of an “Incident Responder” comes into play. What do you do when a system or device has been targeted? That depends on the incident itself. In this course, Performing Incident Response and Handling, you’ll start by making sure that you and your organization are prepared, learning about each of the security policies you should have in place to focus everyone on the importance of keeping your resources secure. First, you’ll learn about the actual process of detecting incidents and how to respond to them. Next, you’ll explore the workflow steps every security professional should follow so that current and future incidents are handled consistently. Finally, you’ll dive into some of the more common incidents that take place in your networks by looking at how to handle and respond to issues like a DoS, a Session Hijack, or Malicious Code. By the end of this course, you’ll understand what is needed to keep your network more secure by being more proactive and aware of what’s happening in your environment.

Table of Contents

01 – Course Overview
02 – Course Introduction
03 – Security Policies and Their Goals
04 – Characteristics and Implementation
05 – Access Control Policy
06 – Acceptable Use Policy
07 – Administrative Security Policy
08 – Asset Control Policy
09 – Audit Trail Policy
10 – Logging Policy
11 – Documentation Policy
12 – Evidence Collection Policy
13 – Evidence Preservation Policy
14 – Information Security Policy
15 – NIACAP, IA, and C&A Policy
16 – Physical Security Policy
17 – Physical Security Guidelines
18 – The Law in a Digital World
19 – Summary
20 – What We’re Going to Learn
21 – What Is a Computer Security Incident
22 – How Do We Identify an Incident
23 – How Do We Handle an Incident
24 – So What’s the Goal
25 – What’s the Plan
26 – Information Warfare
27 – Vulnerability, Attacks, and Threats
28 – Signs of an Incident
29 – How Do We Respond
30 – The Team
31 – What Did We Learn
32 – Understanding the Workflow
33 – Identification
34 – Incident Recording
35 – Initial Response
36 – Communicating the Incident
37 – Containment
38 – Formulating a Response Strategy
39 – Incident Classification
40 – Incident Investigation
41 – Data Collection
42 – Forensic Analysis
43 – Evidence Protection
44 – Notifying External Agencies
45 – Eradication
46 – System Recovery
47 – Incident Documentation
48 – Incident Damage and Cost Assessment
49 – Review and Update the Response Policies
50 – What Did We Learn
51 – What We’re Going to Learn
52 – Denial of Service – Handling
53 – Denial of Service – Detection
54 – Denial of Service – Handling
55 – Denial of Service – Responding
56 – Denial of Service – Prevention
57 – Denial of Service – Containment
58 – Denial of Service – Best Practices
59 – Unauthorized Access – Handling
60 – Unauthorized Access – Signs of a Root Compromise
61 – Unauthorized Access – Hardware
62 – Unauthorized Access – Responding
63 – Unauthorized Access – Prevention
64 – Unauthorized Access – Responding
65 – Unauthorized Access – Eradicate and Recovery
66 – Unauthorized Access – Best Practices
67 – Inappropriate Usage – Detecting
68 – Inappropriate Usage – Prevention
69 – Inappropriate Usage – Containment
70 – Multiple Components Issues – Handling
71 – Multiple Components Issues – Responding
72 – What Did We Learn
73 – What We’re Going to Learn
74 – Service and Application – Monitoring
75 – Some Symptoms – Services
76 – DEMO – Checking Services
77 – DEMO – Application Error Monitoring
78 – Analysis – Applications
79 – Service and Application – Response and Restore
80 – Detecting the Attacks – Applications
81 – Types of Attacks – Session Hijacking
82 – DEMO – Session Hijack
83 – Symptoms – Session Hijacking
84 – Defense – Session Hijacking
85 – When It Happens – Session Hijacking
86 – Types of Attacks – Command Injection
87 – Defense – SQL Injections
88 – When It Happens – SQL Injection
89 – Types of Attacks – XSS Attacks
90 – What Attackers Are Looking For – XSS Attacks
91 – Types of XSS Attacks
92 – Tools – XSS Attacks
93 – Defense – XSS Attacks
94 – When It Happens – XSS Attacks
95 – Types of Attacks – Buffer Overflow
96 – Types of Buffer Overflows
97 – Tools – Buffer Overflows
98 – Defense – Buffer Overflows
99 – When It Happens – Buffer Overflows
100 – What Did We Learn
101 – What We’re Going to Learn
102 – Malicious Code – Virus and Worms
103 – Malicious Code – Trojans and Spyware
104 – Malicious Code – What to Do
105 – Malicious Code – What Are the Signs
106 – Malicious Code – Containment
107 – Malicious Code – Gather Evidence
108 – Malicious Code – Bots and Botnets
109 – Malicious Code – How Bots and Botnets Work
110 – Incident Response Handling Performing
111 – Malicious Code – Rootkits in Windows
112 – Malicious Code – Rootkits – Kernel Mode
113 – When It Happens – Rootkits
114 – Prevention – Rootkits
115 – Insider Threats – The Landscape
116 – Insider Threats – The Workflow
117 – Insider Threats – Detection and Response
118 – Insider Threats – Prevention – Network Level
119 – Insider Threats – Prevention – Access Control
120 – Insider Threats – Prevention – Awareness Program
121 – Insider Threats – Prevention – Admins and Privileged Users
122 – Insider Threats – Prevention – Backups
123 – What Did We Learn