Course Length: 8 Hours
Course Objectives:
In this course, you will understand, assess and respond to security threats and operate a system and
network security analysis platform.
You will:
• Explain the importance of best practices in preparation for incident response
• Given a scenario, execute the incident response process
• Explain general mitigation methods and devices
• Assess and comply with current incident response requirements
Course Content
Lesson 1: Assessment of Information Security Risks
Topic A: The Importance of Risk Management
Topic D: Integrating Documentation into Risk Management
Lesson 2: Response to Cybersecurity Incidents
Topic A: Deployment of Incident Handling and Response Architecture
Topic B: Containment and Mitigation of Incidents
Topic C: Preparation for Forensic Investigation as a CSIRT
Lesson 3: Investigating Cybersecurity Incidents
Topic A: Use a Forensic Investigation Plan
Topic B: Securely Collect and Analyze Electronic Evidence
Topic C: Follow Up on the Results of an Investigation
Lesson 4: Complying with Legislation
− Examples of Legislation (if this is covered in the above topics, no need to include here): GDPR,
HIPAA, Elections
− Case study: Incident Response and GDPR (Using GDPR legislation, create a response that is
compliant with it – this could be discussion-based activity as well.)
− State Legislation Resources and Example – Search terms to find state legislation
− Using NYS as an example, use the NYS Privacy Response Act or other legislation to create
a case study similar to the previous one.
− Provide answers on when to use federal versus state legislation and whether both must be followed.