Risk Identification, Monitoring, and Analysis: In the Risk Identification, Monitoring, and Analysis session, you will learn how to identify, measure, and control losses associated with adverse events. You will review, analyze, select, and evaluate safeguards for mitigating risk.You will learn processes for collecting information, providing methods of identifying security events, assigning priority levels, taking the appropriate actions, and reporting the findings to the correct individuals. After collection of the details from monitoring, we can analyze to determine if the system is being operated in accordance with accepted industry practices, and in compliance with organization policies and procedures.
Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
4 928 déjà inscrits
Offert par
Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)²À propos de ce cours
10 760 consultations récentes
Dates limites flexibles
Réinitialisez les dates limites selon votre disponibilité.
Certificat partageable
Obtenez un Certificat lorsque vous terminez
100 % en ligne
Commencez dès maintenant et apprenez aux horaires qui vous conviennent.
Niveau débutant
Approx. 23 heures pour terminer
Anglais
Sous-titres : Anglais
Votre entreprise pourrait-elle bénéficier de la formation des employés à des compétences recherchées ?
Essayez Coursera pour les affairesDates limites flexibles
Réinitialisez les dates limites selon votre disponibilité.
Certificat partageable
Obtenez un Certificat lorsque vous terminez
100 % en ligne
Commencez dès maintenant et apprenez aux horaires qui vous conviennent.
Niveau débutant
Approx. 23 heures pour terminer
Anglais
Sous-titres : Anglais
Votre entreprise pourrait-elle bénéficier de la formation des employés à des compétences recherchées ?
Essayez Coursera pour les affaires
Offert par
(ISC)²
(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security. www.isc2.org
Programme de cours : ce que vous apprendrez dans ce cours
Évaluation du contenu98%(1,779 évaluations)
Semaine
1Semaine 1
Understand the Risk Management Process
Module Topic: Risk Visibility and Reporting, Risk management Concepts, Risk Assessment, Risk Treatment, Audit Findings. In Risk visibility and Reporting, you will learn about risk register, creating a risk register, risk register, and risk management steps. In Risk Management Concepts, you will learn about, key terms, and generic risk model with key factors - NIST SP 800-30 R1. In risk Assessment, you will learn about NIST SP 800- 30 R1 risk assessment methodology, Step 1. prepare for the assessment, Step 2. conduct the assessment, Step 2a. identify threat sources, step 2b. identify potential threat events, step 2c. identify vulnerabilities and predisposing conditions, step 2d. determine likelihood, step 2e. determine impact, step 2f. risk determination, risk level matrix, risk levels, step 3. communicating and sharing risk assessment information, step 4. maintaining the risk assessment, and risk assessment activity. In Risk Treatment, you will learn about, risk mitigation, example control: passwords, control selection, residual risk, risk transference, risk avoidance, and risk acceptance. In audit Findings, you will learn about auditors, types of audits, audit methodologies, auditor responsibilities, audit scope, documentation, and response to audit.
14 vidéos (Total 84 min), 14 lectures, 1 quiz
14 vidéos
Risk Management Process: Creating a Risk Register7 min
Risk Management Process: Risk Register Risk Management Steps8 min
Risk Management Process: Key Terms5 min
Risk Management Process: Key Terms6 min
Risk Management Process: Risk Assessment3 min
Risk Management Process: Preparation Steps7 min
Risk Management Process: Step 2b4 min
Risk Management Process: Quantitative Analysis8 min
Risk Management Process: Qualitative Analysis5 min
Risk Management Process: Step 33 min
Risk Management Process: Risk Treatment5 min
Risk Management Process: Risk Avoidance5 min
Risk Management Process: Type of Audits7 min
14 lectures
Risk Management Process: Risk Visibility and Reporting10 min
Risk Management Process: Creating a Risk Register10 min
Risk Management Process: Risk Register Risk Management Steps10 min
Risk Management Process: Key Terms10 min
Risk Management Process: Key Terms10 min
Risk Management Process: Risk Assessment10 min
Risk Management Process: Preparation Steps10 min
Risk Management Process: Step 2b10 min
Risk Management Process: Quantitative Analysis10 min
Risk Management Process: Qualitative Analysis10 min
Risk Management Process: Step 310 min
Risk Management Process: Risk Treatment10 min
Risk Management Process: Risk Avoidance10 min
Risk Management Process: Type of Audits10 min
1 exercice pour s'entraîner
Quiz 130 min
Semaine
2Semaine 2
Perform Security Assessment Activities
Module Topics: Participate in Security and Test Results, Penetration Testing. In Participate in Security and Test Results, you will learn about vulnerability scanning and analysis, vulnerability testing software categories, vulnerability testing qualities, potential problems, host scanning, host security considerations, traffic types, security gateway types, wireless networking testing, potential security issues, searching for rogue access points, locking down the enterprise, wireless tools, war dialing, and war driving. In Penetration Testing you will learn about penetration testing modes, white box / hat, gray box / hat, black box / hat, phase 1: preparation, reporting, phase 2: reconnaissance and network mapping techniques, reconnaissance, social engineering and low-tech reconnaissance, whois attacks, DNS zone transfers, network mapping, network mapping techniques, firewalking, basic built-in tools, phase 3: information evaluation and risk analysis, phase 4: active penetration, phase 5: analysis and reporting, penetration testing high-level steps.
11 vidéos (Total 73 min), 11 lectures, 1 quiz
11 vidéos
Security Assessment Activities: Potential Problems6 min
Assessment Activities: Security Gateway Types5 min
Security Assessment Activities: Potential Security Issues6 min
Security Assessment Activities: Penetration Testing6 min
Security Assessment Activities: White Box / Hat8 min
Security Assessment Activities: Reconnaissance4 min
Security Assessment Activities: DNS Zone Transfers7 min
Security Assessment Activities: Network Mapping Techniques9 min
Security Assessment Activities: Firewalking6 min
Security Assessment Activities: Active Penetration6 min
11 lectures
Security Assessment Activities: Participate in Security and Test Results10 min
Security Assessment Activities: Potential Problems10 min
Assessment Activities: Security Gateway Types10 min
Security Assessment Activities: Potential Security Issues10 min
Security Assessment Activities: Penetration Testing10 min
Security Assessment Activities: White Box / Hat10 min
Security Assessment Activities: Reconnaissance10 min
Security Assessment Activities: DNS Zone Transfers10 min
Security Assessment Activities: Network Mapping Techniques10 min
Security Assessment Activities: Firewalking10 min
Security Assessment Activities: Active Penetration10 min
1 exercice pour s'entraîner
Quiz 230 min
Semaine
3Semaine 3
Operate and Maintain Monitoring Systems & Analyze and Report Monitoring Results
Module Topics: Events of Interest, Logging, source Systems, Security Analytics, metrics, and Trends, Visualization, Event Data Analysis, Communication of Findings. In Events of Interest you will learn about, monitoring terminology, Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), comparing IDS and IPS, types of IDS/IPS devices, deploying HIDS and NIDS, implementation issues for monitoring, monitoring control, other considerations, sample questions to consider, collecting data for incident response, monitoring response techniques, attackers, attacker motivations, intrusions, events, types of monitoring, and file integrity checkers, continuous/compliance monitoring. In Logging, you will learn about reviewing host logs, reviewing incident logs, log anomalies, log management, clipping levels, filtering, log consolidation, log retention, centralized logging (syslog and log aggregation), syslog, distributed log collectors, hosted logging services, configuring event sources (s-flow, NetFlow, sniffer), Cosco NetFlow, What is an IP Flow, IP packet attributes, understanding network behavior, how to access the data produced by NetFlow, How does the router or switch determine which flows to export to the NetFlow collector server, format of the export data, sFlow, event correlation systems (security, information, and event management (SIEM)), SIEM functions, compliance, enhanced network security and improved IT/security operations, and full packet capture. In Source System, you will learn about comprehensive application, middleware, OS, and infrastructure monitoring, hyper capabilities, and operations manager. Analyze and Report Monitoring: In Security Analytics, Metrics, and Trends, you will learn about security baseline, network security baseline, metrics and analysis (MA), systems security engineering capability maturity model (SSE-CMM), and potential metrics. In visualization topic, you will learn about data visualization tools. In Event Data Analysis, you will learn about logs, log management, log management recommendations, and Potential uses of server log data. In Communication of Findings, you will learn about checklist for report writers and reviewers.
12 vidéos (Total 75 min), 12 lectures, 1 quiz
12 vidéos
Monitoring Systems: IDS/IPS5 min
Monitoring Systems: Implementation Issues for Monitoring6 min
Maintain Monitoring Systems: Sample Questions6 min
Maintain Monitoring Systems: Attacker Motivations7 min
Maintain Monitoring Systems: Logging5 min
Maintain Monitoring Systems: Log Anomalies5 min
Maintain Monitoring Systems: Log Retention6 min
Monitoring Systems: Compliance6 min
Monitoring Results: Security Baseline6 min
Monitoring Results: SSE-CMM6 min
Monitoring Results: Potential Uses of Server Log Data6 min
12 lectures
Monitoring Systems: Monitoring Terminology10 min
Monitoring Systems: IDS/IPS10 min
Monitoring Systems: Implementation Issues for Monitoring10 min
Maintain Monitoring Systems: Sample Questions10 min
Maintain Monitoring Systems: Attacker Motivations10 min
Maintain Monitoring Systems: Logging10 min
Maintain Monitoring Systems: Log Anomalies10 min
Maintain Monitoring Systems: Log Retention10 min
Monitoring Systems: Compliance10 min
Monitoring Results: Security Baseline10 min
Monitoring Results: SSE-CMM10 min
Monitoring Results: Potential Uses of Server Log Data10 min
1 exercice pour s'entraîner
Quiz 330 min
Semaine
4Semaine 4
Incident Response and Recovery
Module Topics: Preparation, Detection and Analysis, Containment, Eradication, and Recovery, Post-Incident Activity, Implementation of Countermeasures. In Introduction, you will learn about incident response, and basic definitions. In preparation, you will learn about elements of an incident response policy, incident response plan, training, incident response tools, communication planning, communication with law enforcement, media, requirements for effective incident handling, the incident response team, core team areas, centralized and decentralized teams, team structure, team conditions that support success, and other considerations. In Detection and Analysis, you will learn about Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), types of intrusion systems, intrusion detection techniques, false positives and false negatives, anti-malware systems, security information event management (SIEM), Incident analysis, packet sniffers, Inline SSL decryption devices, incident documentation, records, assessing risk, response, containment strategy considerations, Delaying containment, areas of focus, defining an incident, triage, and notification. In Containment, Eradication, and Recovery, you will learn about common containment activities, and eradication. In post-incident activity, you will learn about effective incident response. In implementation of Countermeasures, you will learn about implementation steps.
13 vidéos (Total 77 min), 13 lectures, 1 quiz
13 vidéos
Incident Handling: Preparation6 min
Incident Handling: Training6 min
Incident Handling: Communication Planning7 min
Incident Handling: The Incident Response Team7 min
Incident Handling: IDS and IPS4 min
Incident Handling: Intrusion Detection Techniques7 min
Incident Handling: Anti-Malware Systems2 min
Incident Handling: Packet Sniffers6 min
Incident Handling: SSL Decryption Devices4 min
Incident Handling: Records6 min
Incident Handling: Delaying Containment6 min
Incident Handling: Containment, Eradication, and Recovery4 min
13 lectures
Incident Handling: Incident Response10 min
Incident Handling: Preparation10 min
Incident Handling: Training10 min
Incident Handling: Communication Planning10 min
Incident Handling: The Incident Response Team10 min
Incident Handling: IDS and IPS10 min
Incident Handling: Intrusion Detection Techniques10 min
Incident Handling: Anti-Malware Systems10 min
Incident Handling: Packet Sniffers10 min
Incident Handling: SSL Decryption Devices10 min
Incident Handling: Records10 min
Incident Handling: Delaying Containment10 min
Incident Handling: Containment, Eradication, and Recovery10 min
1 exercice pour s'entraîner
Quiz 430 min
Semaine
5Semaine 5
Understand and Support Forensic Investigations & Business Continuity and Disaster Recovery Plan
Module Topic: Forensic Investigations, Emergency Response Plans and Procedures, Disaster Recovery Planning, Interim or Alternate processing Strategies, Backup and Redundancy Implementation, System and Data Availability, Testing and Drills. Understand and Support Forensic Investigations: In Forensic Investigations, you will learn about crime scene, live evidence, Locard's principle, criminal behavior, incident response team, general guidelines, rules of thumb, evidence gathering, Hash algorithms, criminal charges, documentation, five rules of evidence, media analysis, network analysis, software analysis, author identification, content analysis, context analysis, hardware/embedded device analysis, NIST recommendations, and incident response. Understand and Support Business Continuity Plan: In Emergency Response Plans and Procedures, you will learn about business continuity planning, establish a business continuity program, Business Impact Analysis (BIA), key concepts, maximum tolerable downtime (MTD), Recovery Time Objective (RTO), Recovery Point Objective (RPO), Financial and Nonfinancial impacts, stakeholder input, BIA completion process, BIA project stages, Identify critical IT resources, Identify disruption impacts, and development recovery priorities. In Disaster Recovery Planning, you will learn about Identity types of potential disasters, assets, personnel considerations, and related documents. In Interim or Alternate Processing Strategies, you will learn about cold site, warm site, hot site, multiple processing sites, and mobile sites. In Backup and Redundancy Implementation, you will learn about full backup, differential backup, incremental backup, evaluating alternatives, Off-site storage, electronic vaulting, and remote journaling. In System and Data Availability, you will learn about clustering, high-availability clustering, load-balancing clustering, redundant array of independent disks (RAID), data redundancy techniques, and RAID levels. In Testing and Drills, you will learn about checklist test, structured walkthrough test, simulation testing, parallel testing, full interruption testing, and plan review and maintenance.
18 vidéos (Total 106 min), 18 lectures, 1 quiz
18 vidéos
Forensic Investigation: General Guidelines7 min
Forensic Investigation: Hash Algorithms7 min
BCP and DRP: Emergency Response5 min
BCP and DRP: Comparing BCP and DRP5 min
BCP and DRP: Business Impact Analysis3 min
BCP and DRP: Recovery Time Objective5 min
BCP and DRP: BIA4 min
BCP and DRP: Business Continuity Activity4 min
BCP and DRP: Disaster Recovery Planning7 min
BCP and DRP: Related Documents6 min
BCP and DRP: Multiple Processing Sites3 min
BCP and DRP: Backup and Redundancy Implementation7 min
BCP and DRP: Off-Site Storage6 min
BCP and DRP: RAID Levels4 min
BCP and DRP: RAID Levels7 min
BCP and DRP: Testing and Drills5 min
BCP and DRP: Full Interruption Testing6 min
18 lectures
Forensic Investigation: Crime Scene10 min
Forensic Investigation: General Guidelines10 min
Forensic Investigation: Hash Algorithms10 min
BCP and DRP: Emergency Response10 min
BCP and DRP: Comparing BCP and DRP10 min
BCP and DRP: Business Impact Analysis10 min
BCP and DRP: Recovery Time Objective10 min
BCP and DRP: BIA10 min
BCP and DRP: Business Continuity Activity10 min
BCP and DRP: Disaster Recovery Planning10 min
BCP and DRP: Related Documents10 min
BCP and DRP: Multiple Processing Sites10 min
BCP and DRP: Backup and Redundancy Implementation10 min
BCP and DRP: Off-Site Storage10 min
BCP and DRP: RAID Levels10 min
BCP and DRP: RAID Levels10 min
BCP and DRP: Testing and Drills10 min
BCP and DRP: Full Interruption Testing10 min
1 exercice pour s'entraîner
Quiz 530 min
Semaine
6Semaine 6
Case Study
This assignment is based on a case study that will require the student to put into practice the knowledge they have gained through the course. It requires the basic understanding of the topics and the ability to relate those topics to the real world. The objective of review is to determine whether the student has understood the concepts and has performed the necessary analysis to ensure a complete and thorough answer.
Semaine
7Semaine 7
Exam
1 lecture
1 lecture
SSCP Exam Information10 min
1 exercice pour s'entraîner
End-of-Course Exam30 min
Avis
4.8
- 5 stars84,86 %
- 4 stars14,05 %
- 1 star1,08 %
Meilleurs avis pour IDENTIFYING, MONITORING, AND ANALYZING RISK AND INCIDENT RESPONSE AND RECOVERY
par MR29 août 2021
Its a good baseline to begin the security it carrer
par DM17 déc. 2020
Its the best and its training methodology is superb.
par DC17 mars 2020
Very informative course and the tutor is really good !!!
par QF29 oct. 2020
Excellent Course , healed me allot learning about Risk Management and And Incident Response
Foire Aux Questions
Puis-je prévisualiser un cours avant de m'inscrire ?
Oui, vous pouvez prévisualiser la première vidéo et consulter le programme du cours avant de vous inscrire. Vous devez acheter le cours pour accéder au contenu non inclus dans la prévisualisation.
À quoi ai-je droit si je m'inscris ?
Une fois que vous êtes inscrit(e) et que votre session commence, vous avez accès à toutes les vidéos et aux autres ressources, y compris les éléments à lire et le forum de discussion du cours. Vous pouvez afficher et soumettre des devoirs pour vous exercer, et terminer les devoirs notés requis pour obtenir une note et un Certificat de Cours.
Quand recevrai-je mon Certificat de Cours ?
Si vous réussissez le cours, votre Certificat de Cours électronique sera ajouté à votre page Accomplissements. À partir de cette page, vous pouvez imprimer votre Certificat de Cours ou l'ajouter à votre profil LinkedIn.
Pourquoi ne puis-je pas assister à ce cours en auditeur libre ?
Ce cours fait partie du nombre restreint de cours proposés par Coursera actuellement disponibles uniquement aux étudiants ayant payé les frais du cours ou bénéficié de l'Aide Financière, lorsqu'elle est disponible.
How long does it take to complete the course?
The course schedule contains approximately 21 hours of content material covering lectures, reading materials, a case study, and quizzes broken up over the course of 7 weeks
D'autres questions ? Visitez le Centre d'Aide pour les Étudiants.
