Risk Identification, Monitoring, and Analysis: In the Risk Identification, Monitoring, and Analysis session, you will learn how to identify, measure, and control losses associated with adverse events. You will review, analyze, select, and evaluate safeguards for mitigating risk.You will learn processes for collecting information, providing methods of identifying security events, assigning priority levels, taking the appropriate actions, and reporting the findings to the correct individuals. After collection of the details from monitoring, we can analyze to determine if the system is being operated in accordance with accepted industry practices, and in compliance with organization policies and procedures.
Incident Response and Recovery: In the Incident Response and Recovery Session, you will gain an understanding of how to handle incidents using consistent, applied approaches in order to resolve. Once an incident is identified, action will be necessary in order to resolve. We will examine processes such as damage recovery, data integrity and preservation, and the collection, handling, reporting, and prevention. You will be introduced to the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) concepts and how they can be utilized in order to mitigate damages, recover business operations, and avoid critical business interruption. Through the use of the DRP, you will understand the procedures for emergency response and post-disaster recovery.
Course Objectives
1. Describe the risk management process
2. Perform security assessment activities
3. Describe processes for operating and maintaining monitoring systems
4. Identify events of interest
5. Describe the various source systems
6. Interpret reporting findings from monitoring results
7. Describe the incident handling process
8. Contribute to the incident handling process based upon role within the organization
9. Describe the supporting role in forensics investigation processes
10. Describe the supporting role in the business continuity planning process
11. Describe the supporting role in the disaster recovery planning process
이 강좌는 (ISC)² Systems Security Certified Practitioner (SSCP) 전문 분야의 일부입니다.
Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
제공자:
470명이 이미 등록했습니다!
강의 계획 - 이 강좌에서 배울 내용
주
1완료하는 데 4시간 필요
Understand the Risk Management Process
Module Topic: Risk Visibility and Reporting, Risk management Concepts, Risk Assessment, Risk Treatment, Audit Findings. In Risk visibility and Reporting, you will learn about risk register, creating a risk register, risk register, and risk management steps. In Risk Management Concepts, you will learn about, key terms, and generic risk model with key factors - NIST SP 800-30 R1. In risk Assessment, you will learn about NIST SP 800- 30 R1 risk assessment methodology, Step 1. prepare for the assessment, Step 2. conduct the assessment, Step 2a. identify threat sources, step 2b. identify potential threat events, step 2c. identify vulnerabilities and predisposing conditions, step 2d. determine likelihood, step 2e. determine impact, step 2f. risk determination, risk level matrix, risk levels, step 3. communicating and sharing risk assessment information, step 4. maintaining the risk assessment, and risk assessment activity. In Risk Treatment, you will learn about, risk mitigation, example control: passwords, control selection, residual risk, risk transference, risk avoidance, and risk acceptance. In audit Findings, you will learn about auditors, types of audits, audit methodologies, auditor responsibilities, audit scope, documentation, and response to audit.
14 videos (Total 84 min), 14 readings, 1 quiz
14개의 동영상
Risk Management Process: Creating a Risk Register7m
Risk Management Process: Risk Register Risk Management Steps8m
Risk Management Process: Key Terms5m
Risk Management Process: Key Terms6m
Risk Management Process: Risk Assessment3m
Risk Management Process: Preparation Steps7m
Risk Management Process: Step 2b4m
Risk Management Process: Quantitative Analysis8m
Risk Management Process: Qualitative Analysis5m
Risk Management Process: Step 33m
Risk Management Process: Risk Treatment5m
Risk Management Process: Risk Avoidance5m
Risk Management Process: Type of Audits7m
14개의 읽기 자료
Risk Management Process: Risk Visibility and Reporting10m
Risk Management Process: Creating a Risk Register10m
Risk Management Process: Risk Register Risk Management Steps10m
Risk Management Process: Key Terms10m
Risk Management Process: Key Terms10m
Risk Management Process: Risk Assessment10m
Risk Management Process: Preparation Steps10m
Risk Management Process: Step 2b10m
Risk Management Process: Quantitative Analysis10m
Risk Management Process: Qualitative Analysis10m
Risk Management Process: Step 310m
Risk Management Process: Risk Treatment10m
Risk Management Process: Risk Avoidance10m
Risk Management Process: Type of Audits10m
1개 연습문제
Quiz 120m
주
2완료하는 데 3시간 필요
Perform Security Assessment Activities
Module Topics: Participate in Security and Test Results, Penetration Testing. In Participate in Security and Test Results, you will learn about vulnerability scanning and analysis, vulnerability testing software categories, vulnerability testing qualities, potential problems, host scanning, host security considerations, traffic types, security gateway types, wireless networking testing, potential security issues, searching for rogue access points, locking down the enterprise, wireless tools, war dialing, and war driving. In Penetration Testing you will learn about penetration testing modes, white box / hat, gray box / hat, black box / hat, phase 1: preparation, reporting, phase 2: reconnaissance and network mapping techniques, reconnaissance, social engineering and low-tech reconnaissance, whois attacks, DNS zone transfers, network mapping, network mapping techniques, firewalking, basic built-in tools, phase 3: information evaluation and risk analysis, phase 4: active penetration, phase 5: analysis and reporting, penetration testing high-level steps.
11 videos (Total 73 min), 11 readings, 1 quiz
11개의 동영상
Security Assessment Activities: Potential Problems6m
Assessment Activities: Security Gateway Types5m
Security Assessment Activities: Potential Security Issues6m
Security Assessment Activities: Penetration Testing6m
Security Assessment Activities: White Box / Hat8m
Security Assessment Activities: Reconnaissance4m
Security Assessment Activities: DNS Zone Transfers7m
Security Assessment Activities: Network Mapping Techniques9m
Security Assessment Activities: Firewalking6m
Security Assessment Activities: Active Penetration6m
11개의 읽기 자료
Security Assessment Activities: Participate in Security and Test Results10m
Security Assessment Activities: Potential Problems10m
Assessment Activities: Security Gateway Types10m
Security Assessment Activities: Potential Security Issues10m
Security Assessment Activities: Penetration Testing10m
Security Assessment Activities: White Box / Hat10m
Security Assessment Activities: Reconnaissance10m
Security Assessment Activities: DNS Zone Transfers10m
Security Assessment Activities: Network Mapping Techniques10m
Security Assessment Activities: Firewalking10m
Security Assessment Activities: Active Penetration10m
1개 연습문제
Quiz 220m
주
3완료하는 데 4시간 필요
Operate and Maintain Monitoring Systems & Analyze and Report Monitoring Results
Module Topics: Events of Interest, Logging, source Systems, Security Analytics, metrics, and Trends, Visualization, Event Data Analysis, Communication of Findings. In Events of Interest you will learn about, monitoring terminology, Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), comparing IDS and IPS, types of IDS/IPS devices, deploying HIDS and NIDS, implementation issues for monitoring, monitoring control, other considerations, sample questions to consider, collecting data for incident response, monitoring response techniques, attackers, attacker motivations, intrusions, events, types of monitoring, and file integrity checkers, continuous/compliance monitoring. In Logging, you will learn about reviewing host logs, reviewing incident logs, log anomalies, log management, clipping levels, filtering, log consolidation, log retention, centralized logging (syslog and log aggregation), syslog, distributed log collectors, hosted logging services, configuring event sources (s-flow, NetFlow, sniffer), Cosco NetFlow, What is an IP Flow, IP packet attributes, understanding network behavior, how to access the data produced by NetFlow, How does the router or switch determine which flows to export to the NetFlow collector server, format of the export data, sFlow, event correlation systems (security, information, and event management (SIEM)), SIEM functions, compliance, enhanced network security and improved IT/security operations, and full packet capture. In Source System, you will learn about comprehensive application, middleware, OS, and infrastructure monitoring, hyper capabilities, and operations manager. Analyze and Report Monitoring: In Security Analytics, Metrics, and Trends, you will learn about security baseline, network security baseline, metrics and analysis (MA), systems security engineering capability maturity model (SSE-CMM), and potential metrics. In visualization topic, you will learn about data visualization tools. In Event Data Analysis, you will learn about logs, log management, log management recommendations, and Potential uses of server log data. In Communication of Findings, you will learn about checklist for report writers and reviewers.
12 videos (Total 75 min), 12 readings, 1 quiz
12개의 동영상
Monitoring Systems: IDS/IPS5m
Monitoring Systems: Implementation Issues for Monitoring6m
Maintain Monitoring Systems: Sample Questions6m
Maintain Monitoring Systems: Attacker Motivations7m
Maintain Monitoring Systems: Logging5m
Maintain Monitoring Systems: Log Anomalies5m
Maintain Monitoring Systems: Log Retention6m
Monitoring Systems: Compliance6m
Monitoring Results: Security Baseline6m
Monitoring Results: SSE-CMM6m
Monitoring Results: Potential Uses of Server Log Data6m
12개의 읽기 자료
Monitoring Systems: Monitoring Terminology10m
Monitoring Systems: IDS/IPS10m
Monitoring Systems: Implementation Issues for Monitoring10m
Maintain Monitoring Systems: Sample Questions10m
Maintain Monitoring Systems: Attacker Motivations10m
Maintain Monitoring Systems: Logging10m
Maintain Monitoring Systems: Log Anomalies10m
Maintain Monitoring Systems: Log Retention10m
Monitoring Systems: Compliance10m
Monitoring Results: Security Baseline10m
Monitoring Results: SSE-CMM10m
Monitoring Results: Potential Uses of Server Log Data10m
1개 연습문제
Quiz 320m
주
4완료하는 데 4시간 필요
Incident Response and Recovery
Module Topics: Preparation, Detection and Analysis, Containment, Eradication, and Recovery, Post-Incident Activity, Implementation of Countermeasures. In Introduction, you will learn about incident response, and basic definitions. In preparation, you will learn about elements of an incident response policy, incident response plan, training, incident response tools, communication planning, communication with law enforcement, media, requirements for effective incident handling, the incident response team, core team areas, centralized and decentralized teams, team structure, team conditions that support success, and other considerations. In Detection and Analysis, you will learn about Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), types of intrusion systems, intrusion detection techniques, false positives and false negatives, anti-malware systems, security information event management (SIEM), Incident analysis, packet sniffers, Inline SSL decryption devices, incident documentation, records, assessing risk, response, containment strategy considerations, Delaying containment, areas of focus, defining an incident, triage, and notification. In Containment, Eradication, and Recovery, you will learn about common containment activities, and eradication. In post-incident activity, you will learn about effective incident response. In implementation of Countermeasures, you will learn about implementation steps.
13 videos (Total 77 min), 13 readings, 1 quiz
13개의 동영상
Incident Handling: Preparation6m
Incident Handling: Training6m
Incident Handling: Communication Planning7m
Incident Handling: The Incident Response Team7m
Incident Handling: IDS and IPS4m
Incident Handling: Intrusion Detection Techniques7m
Incident Handling: Anti-Malware Systems2m
Incident Handling: Packet Sniffers6m
Incident Handling: SSL Decryption Devices4m
Incident Handling: Records6m
Incident Handling: Delaying Containment6m
Incident Handling: Containment, Eradication, and Recovery4m
13개의 읽기 자료
Incident Handling: Incident Response10m
Incident Handling: Preparation10m
Incident Handling: Training10m
Incident Handling: Communication Planning10m
Incident Handling: The Incident Response Team10m
Incident Handling: IDS and IPS10m
Incident Handling: Intrusion Detection Techniques10m
Incident Handling: Anti-Malware Systems10m
Incident Handling: Packet Sniffers10m
Incident Handling: SSL Decryption Devices10m
Incident Handling: Records10m
Incident Handling: Delaying Containment10m
Incident Handling: Containment, Eradication, and Recovery10m
1개 연습문제
Quiz 420m
주
5완료하는 데 5시간 필요
Understand and Support Forensic Investigations & Business Continuity and Disaster Recovery Plan
Module Topic: Forensic Investigations, Emergency Response Plans and Procedures, Disaster Recovery Planning, Interim or Alternate processing Strategies, Backup and Redundancy Implementation, System and Data Availability, Testing and Drills. Understand and Support Forensic Investigations: In Forensic Investigations, you will learn about crime scene, live evidence, Locard's principle, criminal behavior, incident response team, general guidelines, rules of thumb, evidence gathering, Hash algorithms, criminal charges, documentation, five rules of evidence, media analysis, network analysis, software analysis, author identification, content analysis, context analysis, hardware/embedded device analysis, NIST recommendations, and incident response. Understand and Support Business Continuity Plan: In Emergency Response Plans and Procedures, you will learn about business continuity planning, establish a business continuity program, Business Impact Analysis (BIA), key concepts, maximum tolerable downtime (MTD), Recovery Time Objective (RTO), Recovery Point Objective (RPO), Financial and Nonfinancial impacts, stakeholder input, BIA completion process, BIA project stages, Identify critical IT resources, Identify disruption impacts, and development recovery priorities. In Disaster Recovery Planning, you will learn about Identity types of potential disasters, assets, personnel considerations, and related documents. In Interim or Alternate Processing Strategies, you will learn about cold site, warm site, hot site, multiple processing sites, and mobile sites. In Backup and Redundancy Implementation, you will learn about full backup, differential backup, incremental backup, evaluating alternatives, Off-site storage, electronic vaulting, and remote journaling. In System and Data Availability, you will learn about clustering, high-availability clustering, load-balancing clustering, redundant array of independent disks (RAID), data redundancy techniques, and RAID levels. In Testing and Drills, you will learn about checklist test, structured walkthrough test, simulation testing, parallel testing, full interruption testing, and plan review and maintenance.
18 videos (Total 106 min), 18 readings, 1 quiz
18개의 동영상
Forensic Investigation: General Guidelines7m
Forensic Investigation: Hash Algorithms7m
BCP and DRP: Emergency Response5m
BCP and DRP: Comparing BCP and DRP5m
BCP and DRP: Business Impact Analysis3m
BCP and DRP: Recovery Time Objective5m
BCP and DRP: BIA4m
BCP and DRP: Business Continuity Activity4m
BCP and DRP: Disaster Recovery Planning7m
BCP and DRP: Related Documents6m
BCP and DRP: Multiple Processing Sites3m
BCP and DRP: Backup and Redundancy Implementation7m
BCP and DRP: Off-Site Storage6m
BCP and DRP: RAID Levels4m
BCP and DRP: RAID Levels7m
BCP and DRP: Testing and Drills5m
BCP and DRP: Full Interruption Testing6m
18개의 읽기 자료
Forensic Investigation: Crime Scene10m
Forensic Investigation: General Guidelines10m
Forensic Investigation: Hash Algorithms10m
BCP and DRP: Emergency Response10m
BCP and DRP: Comparing BCP and DRP10m
BCP and DRP: Business Impact Analysis10m
BCP and DRP: Recovery Time Objective10m
BCP and DRP: BIA10m
BCP and DRP: Business Continuity Activity10m
BCP and DRP: Disaster Recovery Planning10m
BCP and DRP: Related Documents10m
BCP and DRP: Multiple Processing Sites10m
BCP and DRP: Backup and Redundancy Implementation10m
BCP and DRP: Off-Site Storage10m
BCP and DRP: RAID Levels10m
BCP and DRP: RAID Levels10m
BCP and DRP: Testing and Drills10m
BCP and DRP: Full Interruption Testing10m
1개 연습문제
Quiz 520m
주
6완료하는 데 2시간 필요
Case Study
This assignment is based on a case study that will require the student to put into practice the knowledge they have gained through the course. It requires the basic understanding of the topics and the ability to relate those topics to the real world. The objective of review is to determine whether the student has understood the concepts and has performed the necessary analysis to ensure a complete and thorough answer.
1 quiz
주
7완료하는 데 1시간 필요
Exam
1 reading, 1 quiz
1개의 읽기 자료
SSCP Exam Information10m
1개 연습문제
End-of-Course Exam30m
4.9
4개의 리뷰최상위 리뷰
this was the best of all the courses that i have gone through i think i might say that now i can be able to detect incidence and recovery by now
Course was really helpful for all the security professionals.
강사
(ISC)² Education & Training
Education & Training
(ISC)² 정보
(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security. www.isc2.org
(ISC)² Systems Security Certified Practitioner (SSCP) 전문 분야 정보
Pursue better IT security job opportunities and prove knowledge with confidence. The SSCP Professional Training Certificate shows employers you have the IT security foundation to defend against cyber attacks – and puts you on a clear path to earning SSCP certification.
Learn on your own schedule with 120-day access to content aligned with the latest (ISC)2 SSCP exam domains. We’re offering the complete online self-paced program for only $1,000 – a $200 savings when you get all domains bundled together.
3 Steps to Career Advancement
1. Register for the course
2. Gain access for 120 days
3. Register and sit for the SSCP certification exam
Upon completing the SSCP Professional Certificate, you will:
1. Complete six courses of preparing you to sit for the Systems Security Certified Practitioner (SSCP) certification exam as outlined below.
Course 1 - Access Controls
Course 2 - Security Operations and Administration
Course 3 - Risk Identification, Monitoring, and Analysis/Incident Response and Recovery
Course 4 - Cryptography
Course 5 - Network and Communication Security
Course 6 - Systems and Application Security
2. Receive a certificate of program completion.
3. Understand how to implement, monitor and administer an organization’s IT infrastructure in accordance with security policies and procedures that ensure data confidentiality, integrity and availability.
자주 묻는 질문
등록 전에 강좌를 미리 볼 수 있나요?
예. 등록하기 전에 첫 번째 비디오를 미리 보고 강의 계획을 검토할 수 있습니다. 미리 보기에 포함되지 않은 콘텐츠를 이용하려면 강좌를 구매해야 합니다.
강의 및 과제를 언제 이용할 수 있게 되나요?
세션 시작일 전에 강좌에 등록하면 해당 강좌의 모든 강의 비디오 및 읽기 자료에 접근할 수 있습니다. 수업이 시작되면 과제를 제출할 수 있습니다.
등록하면 무엇을 이용할 수 있나요?
등록 후 세션이 시작되면 읽기 자료 항목 및 강좌 토론 포럼을 포함하여 모든 비디오와 기타 리소스를 이용할 수 있습니다. 연습 평가를 보고 제출하며 필요한 성적 평가 과제를 완료하여 성적을 받고 강좌 수료증을 취득할 수 있습니다.
강좌 수료증을 언제 받게 되나요?
강좌를 성공적으로 수료하면 전자 강좌 수료증이 성취도 페이지에 추가됩니다. 해당 페이지에서 강좌 수료증을 인쇄하거나 LinkedIn 프로필에 수료증을 추가할 수 있습니다.
이 강좌를 청강할 수 없는 이유는 무엇인가요?
이 강좌는 현재 Coursera에서 수업료를 결제했거나 재정 지원(해당하는 경우)을 받은 학습자만 이용할 수 있는 강좌입니다.
환불 규정은 어떻게 되나요?
How long does it take to complete the course?
The course schedule contains approximately 21 hours of content material covering lectures, reading materials, a case study, and quizzes broken up over the course of 7 weeks
궁금한 점이 더 있으신가요? 학습자 도움말 센터를 방문해 보세요.
Coursera는 세계 최고의 교육에 대한 보편적인 접근 기회를 제공하며,
최고의 대학 및 기관들과 제휴하여 온라인 강좌를 제공합니다.
© 2019 Coursera Inc. All rights reserved.
