Author
Updated 10/27/2020
Released 11/27/2018
- Creating an incident response team
- Classifying incidents
- Building an incident response program
- Identifying symptoms of incidents
- Conducting forensic investigations
- Logging and monitoring
Skill Level Intermediate
- Sometimes things go wrong in the world of information security. Even though we spend a significant amount of time analyzing risks and implementing security controls, those controls are not foolproof. Information security managers must be prepared to handle security incidents that arise in their organizations and do so in a manner that contains the damage, determines the root cause of the incident, resolves the issue and recovers normal operations as quickly as possible. Incident management is so important that it is one of the four main topics covered on the Certified Information Security Manager, or CISM, exam. Hi, I'm Mike Chapple. And I'd like to welcome you to this course, which is part of our CISM exam prep series. In this course we'll cover all of the information security incident management material that's on the CISM exam. All right, let's get rolling.
Related Courses
- Insights from a Cybersecurity Professional, with Mike Chapple (32m 15s, Intermediate)
- CISM Cert Prep: 1 Information Security Governance, with Mike Chapple (1h 50m, Intermediate)
Introduction
- Study resources (1m 24s)
1. Incident Response
2. Assessing Incidents
- Threat classification (4m 5s)
3. Incident Response Process
- Incident communications plan (2m 51s)
- Incident identification (4m 2s)
- Escalation and notification (2m 42s)
- Mitigation (2m 46s)
- Containment techniques (3m 21s)
- Validation (2m 20s)
4. Incident Symptoms
- Network symptoms (4m 2s)
- Endpoint symptoms (2m 55s)
- Application symptoms (2m 20s)
5. Forensic Investigations
- Evidence types (3m 51s)
- System and file forensics (4m 17s)
- Creating forensic images (5m 36s)
- Digital forensics toolkit (2m 44s)
- Password forensics (8m 9s)
- Network forensics (4m 19s)
- Software forensics (2m 52s)
- Mobile device forensics (1m 14s)
- Embedded device forensics (2m 50s)
- Chain of custody (2m 13s)
6. Logging and Monitoring
- Data loss prevention (6m 34s)
Conclusion
- Next steps (1m 16s)
Video: Information security incident management