New Training: Incident Response and Forensic Evidence Collection

In this 5-video skill, CBT Nuggets trainer Bob Salmans explores the process of incident response and forensic evidence collection, which both come directly from NIST SP 800-61 and NIST SP 800-86. Watch this new Cisco training.

Watch the full course: Cisco Certified CyberOps Associate

This training includes:

• 5 videos

• 28 minutes of training

You’ll learn these topics in this skill:

• Information Security Management Concepts

• Discussing Elements of an Incident Response (IR) Plan

• Defining the Incident Response Process

• Mapping Stakeholders to Incident Response (IR) Categories

• Exploring the Forensic Evidence Collection Process

What is NIST SP 800-61?

NIST SP 800-61 is a guidebook provided by the National Institute of Standards and Technology that helps organizations, regardless of their size, properly respond to computer security incidents, such as a DDOS attack, a data breach or a malware infection. It includes information on the following topics:

1. Organizing a Computer Security Incident Response Capability

2. Handling an Incident

3. Coordination and Information Sharing

By thoroughly understanding the information in this guide, you will be prepared to handle an incident before it happens. It will show you how to create plans, policies and procedures for handling incidents. It will further show you how to both detect and analyze attacks, and it will give you the wherewithal to not only contain these attacks but also eliminate them.

Understand that it's not a question of if you'll face a computer security incident, but when. With knowledge of NIST SP 800-61, you will be able to handle any incident that comes your way.