Security Posture & Incident Response
Learning Objectives:
- Summarize the techniques used in security assessments
- Explain the importance of security concepts in an enterprise environment
- Use the appropriate tool to assess organizational security
- Summarize the importance of policies, processes, and procedures for incident response
- Given an incident, utilize appropriate data sources to support an investigation
- Apply mitigation techniques or controls to secure an environment
Topics:
- Topology & Service Discovery
- Packet Capture Tools
- Remote Access Trojans
- Honeypots and Honeynets
- Incident Response Procedures
- Preparation Phase
- Identification Phase
- Containment Phase
- Eradication and Recovery Phases