Security Posture & Incident Response

Learning Objectives:
  • Summarize the techniques used in security assessments
  • Explain the importance of security concepts in an enterprise environment
  • Use the appropriate tool to assess organizational security
  • Summarize the importance of policies, processes, and procedures for incident response
  • Given an incident, utilize appropriate data sources to support an investigation
  • Apply mitigation techniques or controls to secure an environment
  • Topology & Service Discovery
  • Packet Capture Tools
  • Remote Access Trojans
  • Honeypots and Honeynets
  • Incident Response Procedures
  • Preparation Phase
  • Identification Phase
  • Containment Phase
  • Eradication and Recovery Phases