Hands-On Incident Response Analysis
4.0 (16 ratings)
100 students enrolled


Plan and execute effective incident response protocols for your organization
Created by Packt Publishing
Last updated 11/2019
English
This course includes
  • 2.5 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What you'll learn
  • Understand the fundamentals of incident response
  • Learn how to set up security operations in your organization
  • Learn forensics techniques with incident handling
  • Detection of attacks on networks, websites, and applications
  • Hands-on practical approaches to (and protocols for) incident handling
Requirements
  • By exploring the major symptoms, the defenses against them, and what to do when an incident happens, you will get a complete understanding of the subject.
Description

Cyber attacks take place every minute of the day around the world. Incident response is an organized approach to addressing and managing the aftermath of a security breach or attack. Responding to any incident rapidly will help your organization minimize losses, mitigate any vulnerabilities, restore services and processes as quickly as possible, and reduce the risk of being attacked in the future. Incident response strategies prepare an organization for the unknown. They comprise a dependable method for detecting a security incident as soon as it occurs, and addressing it effectively.

In this course, you will learn the core principles of hands-on incident response (IR). You will look at the major symptoms, defenses against them, and what to do when an incident happens, along with how to detect incidents in the first place. You will explore the actual workflow steps that every security professional should follow to ensure consistency in your incident identification and resolution approaches. Moving on, you will delve into some more common incidents that could affect your network by reviewing how to handle and respond to issues such as a DoS, a session hijack, or even malicious code. By taking this course, you will be able to differentiate between commodity and Advanced Persistent Threat (APT) attack groups. You will explore how to review alerts, log files, and recognize common character encodings and carrier files.

By the end of this course, you will be ready to take on incident response strategies pre-emptively and confidently, and you'll be able to identify the various (and sometimes subtle) signs that may indicate you've had an incident or one's coming your way.

About the Author

Sunil Gupta is an experienced computer programmer and cybersecurity expert. He consults in information technology with a focus on cybersecurity. He is an invited speaker for, and a member of, many key organizations.

Sunil has helped many organizations around the globe, including Barclays Bank, Aviation College Qatar (QATAR), Ethiopian Airlines, Telecom Authority Tanzania, NCB Bank (Saudi Arabia), Accenture (India), Afghan Wireless (Afghanistan), and many more.

Currently, he teaches over 50,000 students online in more than 170 countries, and some of his best work has been published by major publishing houses. Some of his best courses include: End-to-End Penetration Testing with Kali Linux and Threat and Vulnerability Assessment for Enterprises.

Who this course is for:
  • This course is best suited to information security engineers, IT managers, risk management professionals, IT/system administrators, network administrators, and disaster recovery staff.
Course content
32 lectures 02:18:15
+ Discovering Incident Response
7 lectures 17:59

This video will give you an overview of the course.

Preview 01:30

This video provides information about incident identification, initial recording, and initial response.

   •  Explore the incident identification process

   •  Get an explanation of initial recording

   •  Learn about initial response and get lab setup information

Identification, Initial Recording, and Response
03:33

In this video, you will learn about incident communication and containment.

   •  Learn about incident communication

   •  Get an explanation of the communication process

   •  Explore the process of containment

Incident Communication and Containment
02:38

This video will help you understand response strategy formulation.

   •  Learn about response strategy

   •  Explore the list of factors

   •  Get an explanation of the factors

Response Strategy Formulation
02:20

In this video, we will learn about incident classification and the investigation process.

   •  Explore the classification of incidents

   •  Get an explanation of classification

   •  Explore the incident investigation process

Incident Classification and Investigation
02:26

This video will help you understand the forensics and eradication process.

   •  Learn about forensics analysis

   •  Explore the goals of forensics analysis

   •  Understand the process of eradication

Forensics and Eradication
03:07

In this video, we will learn about incident documentation.

   •  Learn about incident documentation

   •  Learn from incident documentation example

   •  Get an explanation of documentation points

Incident Documentation
02:25
+ Detecting and Preventing Attacks on the Host and Networks
5 lectures 38:04

In this video, you will explore the section objectives.

   •  Learn about section objectives

   •  Explore the list of topics

   •  Get an explanation of topics

Preview 01:26

In this video, we will learn about DoS attacks and prevention techniques.

   •  Learn about DoS attacks

   •  Explore the DoS attack process

   •  Understand the DoS attack prevention techniques

Denial-of-Service Attack Detection and Prevention
08:30

In this video, we will learn about unauthorized attacks in systems.

   •  Learn about unauthorized attacks

   •  Learn the attack process

   •  Detect unauthorized attack using various tools

Unauthorized Attack Detection and Prevention
12:07

In this video, we will learn about inappropriate usage in the network and detection techniques.

   •  Learn about inappropriate usage

   •  Explore the log analysis process

   •  Understand the inappropriate usage detection techniques

Inappropriate Usage Detection and Prevention
10:54

In this video, we will learn about multiple component issues.

   •  Learn about multiple component issues

   •  Get an explanation of the multiple component attack process

   •  Learn from the basic example to understand this issue

Multiple Component Issues, Detection, and Prevention
05:07
Test Your Knowledge
2 questions
+ Building Defense for Services and Attacks on Applications
5 lectures 20:59

In this video, you will explore section objectives.

   •  Learn about section objectives

   •  Explore the list of topics

   •  Get an explanation of topics

Preview 01:22

This video will help you learn the session hijacking process and the prevention process.

   •  Learn about session hijacking attack

   •  Session hijacking symptoms

   •  Session hijacking prevention process

Session Hijacking Symptoms and Defense
04:52

In this video, you will learn the injection attack process and the prevention process.

   •  Learn about SQL injection attack

   •  Explore the injection attack process

   •  Understand the injection prevention process

SQL Injection Attack Symptoms and Defense
05:12

In this video, you will learn the XSS attack process and the prevention process.

   •  Learn about XSS attack

   •  Explore the XSS attack process

   •  Understand the XSS attack prevention techniques

Cross-site Scripting Attack Symptoms and Defense
05:04

In this video, you will learn the buffer overflow attack process and the prevention process.

   •  Learn about buffer overflow attacks

   •  Explore the buffer overflow attack process

   •  Prevent the buffer overflow attack

Buffer Overflow Attack Symptoms and Defense
04:29
Test Your Knowledge
2 questions
+ Detecting and Handling Malicious Code
4 lectures 15:25

In this video, you will learn the signs of malware.

   •  Learn about malware attack

   •  Explore the list of malware signs

   •  Get an explanation of malware attack

Preview 03:19

In this video, you will learn the process to create botnets.

   •  Learn about bot and botnet

   •  Explore the process to generate bots

   •  Understand the bot communication techniques

Bot and Botnets
03:25

In this video, you will learn about rootkits and rootkit prevention techniques.

   •  Learn about rootkit

   •  Explore the rootkit attack process

   •  Understand the rootkit detection and prevention process

Rootkit in Windows
05:04

In this video, you will learn about detection and prevention techniques.

   •  Learn about malware detection process

   •  Explore the malware prevention techniques

   •  Get a complete explanation of the process to prevent malicious code and attacks

Detection and Prevention of Malicious Code
03:37
Test Your Knowledge
2 questions
+ Implementing Forensics for Incident Response
5 lectures 28:37

In this video, we will learn about the forensics investigation process.

   •  Learn about forensics investigation

   •  Explore the forensics investigation process

   •  Understand the importance of forensics investigation

Preview 02:39

In this video, you will learn the basics of data capturing and imaging.

   •  Learn about data capturing

   •  Explore the imaging process

   •  Understand the importance of the imaging process

Capturing Data and Imaging
02:22

In this video, you will learn the process of imaging using FTK Software.

  • Learn about FTK Software

  • Explore the installation process of FTK

  • Understand the imaging process using FTK

FTK Imaging Software
06:19

In this video, you will learn the memory analysis process using the Volatility tool in Kali Linux.

   •  Learn about the memory capture process

   •  Explore the Volatility tool in Kali Linux

   •  Understand the memory analysis process using the Volatility tool

Memory Analysis Using Volatility
09:25

In this video, you will learn about image analysis using Autopsy.

   •  Learn about the Autopsy program

   •  Open a new case in Autopsy

   •  Understand image analysis using Autopsy

The Autopsy Program
07:52
Test Your Knowledge
2 questions
+ Preventing Insider Threats: Detection and Handling
6 lectures 17:11

In this video, you will learn about insider threats and the workflow of an insider threat.

   •  Learn about insider threat

   •  Explore the workflow of insider threat

   •  Get an explanation of workflow

Workflow of Insider Threats
03:17

In this video, you will learn about the detection of and response to threats.

   •  Detect the insider threats

   •  Learn about the response to insider threats

   •  Get an explanation of insider attack detection and response process

Detection and Response for Insider Attacks
02:16

This video will help us learn about network-level insider threats.

   •  Insider threats at network level

   •  Network security points

   •  Explanation of network security

Insider Threats Prevention: Network Level
02:41

In this video, we will learn about access control techniques to prevent insider threats.

   •  Learn about access control

   •  Understand the access control points

   •  Prevent insider threat using access control

Insider Threats Prevention: Access Control
02:47

In this video, you will learn how to control the access of privileged users.

   •  Learn about privileged users

   •  Get access control of privileged users

   •  Prevent insider threats by controlling access control of privileged users

Insider Threats Prevention: Privileged Users
03:03

In this video, we will learn how to control access of privileged users.

   •  Learn about backup process

   •  Understand the importance of backup

   •  Explore the complete backup process

Insider Threats Prevention: Backup
03:07
Test Your Knowledge
2 questions