CISM Cert Prep: 4 Information Security Incident Management

Author

Mike Chapple

Skill Level Intermediate

2h 17m

Duration

6,278

Views

Show More Show Less

- [Mike] Sometimes things go wrong in the world of information security. Even though we spend a significant amount of time analyzing risks and implementing security controls, those controls are not foolproof. Information security managers must be prepared to handle security incidents that arise in their organizations in a manner that contains the damage, determines the root cause of the incident, resolves the issue, and recovers normal operations as quickly as possible.

Incident management is so important that it is one of the four main topics covered on the Certified Information Security Manager, or CISM, exam. Hi, I'm Mike Chapple, and I'd like to welcome you to this course, which is part of our CISM exam prep series. Specifically, we'll cover all of the information security incident management material covered on the CISM test. All right, let's get rolling.

Resume Transcript Auto-Scroll

Related Courses

Introduction
- Information security incident management
  57s
- What you need to know
  40s
- Study resources
  1m 24s
1. Incident Response
- The manager's role in incident response
  2m 29s
- Creating an incident response team
  2m 10s
2. Assessing Incidents
- Identifying and classifying security incidents
  3m 29s
- Threat classification
  4m 5s
- Zero days and the advanced persistent threat
  3m 40s
- Determining incident severity
  3m 31s
3. Incident Response Process
- Build an incident response program
  4m 33s
- Incident communications plan
  2m 51s
- Incident identification
  4m 2s
- Escalation and notification
  2m 42s
- Mitigation
  2m 46s
- Containment techniques
  3m 21s
- Incident eradication and recovery
  4m 38s
- Validation
  2m 20s
- Lessons learned and reporting
  3m 25s
4. Incident Symptoms
- Network symptoms
  4m 2s
- Rogue access points and evil twins
  3m 13s
- Endpoint symptoms
  2m 55s
- Application symptoms
  2m 20s
5. Forensic Investigations
- Conducting investigations
  5m 7s
- Evidence types
  3m 51s
- Introduction to forensics
  4m 6s
- System and file forensics
  4m 17s
- Creating forensic images
  5m 36s
- Digital forensics toolkit
  2m 44s
- Operating system analysis
  6m 7s
- Password forensics
  8m 9s
- Network forensics
  4m 19s
- Software forensics
  2m 52s
- Mobile device forensics
  1m 14s
- Embedded device forensics
  2m 50s
- Chain of custody
  2m 13s
- Ediscovery and evidence production
  3m 15s
6. Logging and Monitoring
- Correlating security event information
  2m 56s
- Continuous security monitoring
  4m 41s
- Data loss prevention
  6m 34s
Conclusion
- Next steps
  1m 16s

Show MoreShow Less

Take notes with your new membership!

Type in the entry box, then click Enter to save your note.

1:30Press on any video thumbnail to jump immediately to the timecode shown.

Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.

Start My Free Month

Skills covered in this course

Security IT

Lynda.com is now LinkedIn Learning!

To access Lynda.com courses again, please join LinkedIn Learning

Categories

3D + Animation Topics

3D + Animation Software

3D + Animation Learning Paths

Audio + Music Topics

Audio + Music Software

Audio + Music Learning Paths

Business Topics

Business Software

Business Learning Paths

Business Guides

CAD Topics

CAD Software

CAD Learning Paths

Design Topics

Design Software

Design Learning Paths

Developer Topics

Developer Software

Developer Learning Paths

Education + Elearning Topics

Education + Elearning Software

Education + Elearning Learning Paths

IT Topics

IT Software

IT Learning Paths

Marketing Topics

Marketing Software

Marketing Learning Paths

Photography Topics

Photography Software

Photography Learning Paths

Video Topics

Video Software

Video Learning Paths

Web Topics

Web Software

Web Learning Paths

Web Guides

CISM Cert Prep: 4 Information Security Incident Management

Author

Skill Level Intermediate

Duration

Views

Related Courses

CompTIA Security+ (SY0-501) Cert Prep: 1 Threats, Attacks, and Vulnerabilities

CISM Cert Prep: 1 Information Security Governance

Insights from a Cybersecurity Professional

IT Security Careers and Certifications: First Steps

CISM Cert Prep: 3 Information Security Program Development and Management

Introduction

1. Incident Response

2. Assessing Incidents

3. Incident Response Process

4. Incident Symptoms

5. Forensic Investigations

6. Logging and Monitoring

Conclusion

Take notes with your new membership!

Skills covered in this course

Continue Assessment

Start My Free Month