New Training: Assessing an Organizations Security and Incident Readiness

In this 5-video skill, CBT Nuggets trainer Bob Salmans walks through the process of assessing an organizations information security posture and validating that organizations readiness to deal with a security incident. Watch this new Cyber Security training.

Watch the full course: CompTIA Security+

This training includes:

• 5 videos

• 48 minutes of training

You’ll learn these topics in this skill:

• Network Assessment Tools Pt.1

• Network Assessment Tools Pt.2

• Basic NMAP Commands

• File Manipulation and Shell Tools

• Forensic Tools and Data Sanitization

A Business Isn't Ready To Handle Security Incidents Without A Response Plan

The world of information security is complicated. Organizations shouldn't plan for whether they have a security incident, but rather when they have one. One of the key tools IT departments need to recover from a security incident is an incident response plan (or a crash plan). Having a verified and practiced security response plan is a good measure of whether a business is capable of handling a security incident.

An incident response plan has several functions. It's an organized path that explains how to identify and recover from a specific incident. First, that plan will describe what an incident might look like, what qualifies as an incident, and at what level of urgency that incident is.

Once a security incident has been identified and triaged, an incident response plan will explain step-by-step details on how to handle that incident. This part is important. By following repeatable, verified recovery steps, IT professionals can ensure that the incident is fully mitigated. The incident response plan also explains what stakeholders are responsible for each of those steps as well.