Incident Response: Detection and Analysis

Aaron Rosenmund

2:19:18

  • 01. Course Overview.mp4
    01:38
  • 02. What Is an Incident.mp4
    01:57
  • 03. Types of Incidents and IR Teams .mp4
    05:05
  • 04. Scenario.mp4
    02:44
  • 05. Research on Globomantics .mp4
    05:31
  • 06. Globomantics Network .mp4
    01:27
  • 07. Phases of IR.mp4
    04:18
  • 08. Assets.mp4
    01:33
  • 09. Initial Triage.mp4
    02:28
  • 10. Preparation Demo Tool Sets.mp4
    03:30
  • 11. Outro.mp4
    00:53
  • 12. Detection.mp4
    02:36
  • 13. Initial Detection.mp4
    07:36
  • 14. Dig Deeper.mp4
    02:01
  • 15. Triage Questions.mp4
    02:04
  • 16. Demo-Detect Initial Event.mp4
    38:48
  • 17. Known Answers.mp4
    03:07
  • 18. Demo-IOCs - Find Other Devices.mp4
    03:54
  • 19. Pop Bottles.mp4
    01:49
  • 20. Intel.mp4
    02:13
  • 21. Demo-Base64.mp4
    09:03
  • 22. Keep Looking....mp4
    02:14
  • 23. Collection.mp4
    03:34
  • 24. Collect Host Data.mp4
    18:01
  • 25. Collect Network.mp4
    03:04
  • 26. Demo-Network Capture.mp4
    04:58
  • 27. Summary.mp4
    03:12
  • Description


    Walking into an incident response situation can be intimidating. This course will teach you how to accomplish the first phase of incident response, the initial detection and analysis.

    What You'll Learn?


      In an incident response scenario, it’s hard to know where to start. In this course, Incident Response: Detection and Analysis, you’ll learn how to accomplish the first phase of an incident response scenario, the initial detection and analysis. First, you’ll validate and confirm that a reported event is, indeed, a security incident. Next, you’ll collect initial triage data used for developing IOC detections. Finally, you’ll learn how to assess and gather network event and host data for deeper analysis. When you’re finished with this course, you’ll have answered some initial, and critical, questions around the event, as well as come up with a lot more based on the collected triage data, and be able to move into the next phase of incident response.

    Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator and cyber security researcher at Pluralsight, he is focused on advancing the cyber security workforce and technologies for business and national enterprises alike. In support of the Air National Guard, he contributes those skills part time in various initiatives to defend the nation in cyberspace. Certifications: GIAC GCIA, GIAC GCED, CCNA Cyber Operations, Pentest+, CySA+, CASP. Website: www.AaronRosenmund.com. Handle: @arosenmund "ironcat".
    Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.
    • Language: English
    • Training sessions: 27
    • Duration: 2:19:18
    • Level: average
    • Release date: 2023/12/14