Operations and Incident Response for CompTIA Security+
Experiencing a cyber event is not a question of if, but of when. This course will teach you the skills necessary to assess organizational security and respond to various cyber-related incidents.
What you'll learn
Proper and timely incident response, including gathering data and preserving evidence, is critical to a successful response and investigation. In this course, Operations and Incident Response for CompTIA Security+, you’ll learn how to assess your organizational security and respond to cyber-related incidents. First, you’ll explore the tools and techniques associated with network reconnaissance and discovery. Next, you’ll learn the steps in the incident response process along with the various attack frameworks and testing methodologies. From there, you’ll learn the components of a proper communication plan, business continuity plan and disaster recovery plan to help prepare for, and respond to, a cyber event. Finally, you’ll learn key aspects of digital forensics. When you’re finished with this course, you’ll have the skills and knowledge necessary not only to plan and prepare for cyber events, but to respond and investigate when they occur.
Table of contents
- Module Overview 1m
- Traceroute/tracert 2m
- nslookup/dig 2m
- ipconfig/ifconfig 1m
- nmap and nmap demo 3m
- Ping and Pathping 3m
- hping and hping demo 3m
- Netstat 1m
- netcat 2m
- IP Scanners 1m
- ARP 1m
- Route 1m
- Curl and Curl Demo 2m
- TheHarvester and Demo 2m
- Sn1per and Demo 4m
- Scanless and Demo 2m
- DNSenum 1m
- Nessus and Cuckoo 3m
- File Manipulation (Head, Tail, Cat, GREP and Logger) 3m
- CHMOD 1m
- Shell and Script Environments (SSH, PowerShell, Python and OpenSSL) 1m
- Packet Capture and TCPDump Demo 3m
- Forensics 5m
- Exploitation Frameworks 2m
- Data Sanitization Tools 5m
- Module Review 1m
- Module Intro 1m
- Who Should Watch this Course? 3m
- Team Models 1m
- Incident Response Process 2m
- Preparation 2m
- Detection and Analysis 3m
- Stopping the Spread 3m
- Defining Goals and Expected Outcomes 4m
- Test the Plan 1m
- Walkthrough Tests 2m
- Communication Tests 1m
- Simulation (Tabletop) Tests 1m
- Partial Exercise 1m
- Full Exercise 1m
- Overall Cost and Complexity of Testing 1m
- Plan Review and Maintenance 2m
- Review Process Outcomes 1m
- Wired Brain Coffee's Testing 2m
- Intelligence Lifecycle 0m
- Threat Intelligence Lifecycle 1m
- Cyberthreat Intelligence Frameworks 1m
- Cyber Kill Chain 2m
- Diamond Model 2m
- MITRE Attack Framework 2m
- Key Points to Remember 2m
- Types of Plans 1m
- Disaster Recovery Plan 1m
- Business Continuity Plan 1m
- Business Resumption Plan 1m
- Incident Management Plan 1m
- Data Retention 3m
- Putting It All Together 2m
- Example Process 4m
- Module Intro 1m
- Filtering Through the Noise 4m
- Vulnerability Scanner Demo 4m
- SIEM 3m
- Log Files 4m
- Log Management, Syslog, Rsyslog, and Syslog-ng 3m
- Journalctl 3m
- NXLOG 1m
- Retention (Auditing, Compliance and Investigations) 2m
- Bandwidth Monitors 1m
- Metadata 3m
- Netflow, sFlow, and IPFIX 5m
- Detecting an Amplification Attack (ICMP echo) 2m
- Protocol Analyzer Output 6m
- Module Intro 1m
- Application Whitelisting/Blacklisting 1m
- Quarantine 2m
- Firewalls 6m
- Demo: Configuring Firewall Rules 4m
- Mobile Device Management 5m
- Using MDM to Locate and Secure a Lost Device 1m
- DLP, Content Filters/URL Filters and Updating/Revoking Certificates 3m
- Segregation, Segmentation and Isolation 3m
- Virtualization 1m
- Air Gaps 2m
- Securing the Environment using Isolation, Containment and Segmentation 2m
- SOAR and Runbooks/Playbooks 5m
- Module Overview 1m
- Computer Forensics 2m
- Order of Volatility 5m
- Chain of Custody 3m
- Legal Hold 1m
- First Responder Best Practices 5m
- Capture a System Image 4m
- Network Traffic and Logs 4m
- Capturing Video 1m
- Record Time Offset 2m
- Taking Hashes 2m
- Screenshots 1m
- Witnesses 2m
- Preservation of Evidence 2m
- Recovery 1m
- Strategic Intelligence / Counterintelligence Gathering 1m
- Data Integrity 2m
- Non-repudiation 1m
- On-prem vs. Cloud Challenges and Right to Audit 3m
- Regulatory / Jurisdictional Issues 2m
- Data Breach Notification Laws 2m