CompTIA Security+: Incident Response, Digital Forensics, & Supporting Investigations

CompTIA | Intermediate

9 videos | 44m 4s
Includes Assessment
Earns a Badge

(108)

To best support a digital forensic investigation, incident response teams need to be aware of the various incident response plans and processes available to them. In this CompTIA Security+ SYO-601 course, you'll start by exploring various incident response exercises, such as tabletop sessions, walkthroughs, and simulations. Then, you'll outline three fundamental attack frameworks: MITRE, The Diamond Model of Intrusion Analysis, and the Cyber Kill Chain. Next, you'll examine different incident response plans types, including communication plans, disaster recovery plans, business continuity plans, and continuity of operation planning (COOP). You'll then identify key aspects of digital forensics, such as documentation/evidence, acquisition and integrity maintenance, preservation, e-discovery, data recovery, non-repudiation, and strategic intelligence and counterintelligence. Lastly, you'll outline how to utilize appropriate digital forensic data sources to support an investigation.

WHAT YOU WILL LEARN

Discover the key concepts covered in this course

Describe incident response plans and processes, such as preparation, identification, containment, eradication, recovery, and lessons learned

Survey various types of incident response exercises, including tabletop, walkthroughs, and simulations

Compare the following attack frameworks: mitre att&ck, the diamond model of intrusion analysis, and cyber kill chain

Define different incident response plan types used by the irt, such as communication, disaster recovery, business continuity, and continuity of operation planning (coop)
Compare different types of forensic documentation and evidence, including legal holds, videos, admissibility issues, a chain of custody, and timelines of events in sequence

Describe the forensic acquisition concept, "order of volatility," and identify potential acquisition sources, such as disks, ram, swap/pagefile, os, firmware, and snapshots

Survey various forensic concepts, such as integrity, provenance, preservation, e-discovery, data recovery, non-repudiation, and strategic intelligence/counterintelligence

Summarize the key concepts covered in this course

IN THIS COURSE

1m 51s

FREE ACCESS
8m 20s

After completing this video, you will be able to describe incident response plans and processes, such as preparation, identification, containment, eradication, recovery, and lessons learned. FREE ACCESS
3. Incident Response Exercises

4m 20s

In this video, you will survey various types of incident response exercises, including tabletop exercises, walkthroughs, and simulations. FREE ACCESS
4. Attack Frameworks

7m 48s

In this video, learn how to compare the following attack frameworks: MITRE ATT&CK, the Diamond Model of Intrusion Analysis, and the Cyber Kill Chain. FREE ACCESS
5. Plan Types for the Incident Response Team (IRT)

7m 45s

In this video, learn how to define different incident response plan types used by the IRT, such as communication, disaster recovery, business continuity, and continuity of operations planning (COOP). FREE ACCESS
6. Forensic Documentation and Evidence

5m 18s

In this video, find out how to compare different types of forensic documentation and evidence, including legal holds, videos, admissibility issues, a chain of custody, and timelines of events in sequence. FREE ACCESS
7. Forensic Acquisition Concepts and Sources

3m 28s

Upon completion of this video, you will be able to describe the forensic acquisition concept, "order of volatility," and identify potential acquisition sources, such as disks, RAM, swap/pagefile, OS, firmware, and snapshots. FREE ACCESS
8. Digital Forensic Techniques

4m 29s

In this video, you will learn how to survey various forensic concepts, such as integrity, provenance, preservation, e-discovery, data recovery, non-repudiation, and strategic intelligence/counterintelligence. FREE ACCESS
9. Course Summary

46s

FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

Course SRE Emergency & Incident Response: Incident Response

(291)

Course Mitigating Security Risks: Managing the Incidents

(66)

Course CompTIA Cybersecurity Analyst+: Business Continuity

(4)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course CompTIA Security+: Analyzing Application & Network Attacks

(483)

Course CompTIA Security+: Organizational Security Assessment Tools & Mitigation Controls

(108)

Course CompTIA Security+: Security Policies, Regulations, Standards, & Frameworks

(189)

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills and Salary Report

ESG Impact Report

CompTIA Security+: Incident Response, Digital Forensics, & Supporting Investigations

WHAT YOU WILL LEARN

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

YOU MIGHT ALSO LIKE

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE