This course covers the six phases of incident handling and responding as follows:
0- Introduction: Includes the definition of an event, incident, as well as the difference between them
1- Preparation Phase: Shows the elements of preparation and the team building,
2- Identification Phase: Demonstrates where identification occurs and the assessment for identification
3- Containment: Explains the deployment and categorization needed as well as the short/long- term actions taken
4- Eradication: Stresses on restoring systems and improving defenses
5- Recovery: Elaborates the validation and monitoring required for attacked systems
6- Lessons Learned: Confirms the importance of meeting as a team to fix and improve and to share our experiences with others
The course targets cybersecurity officers and incident handlers, and the material requires only basic IT knowledge and a little of cybersecurity background.
It is worth noting that incident response is a structured approach to handle various types of security incidents, cyber threats, and data breaches. The incident response methodology aims to identify, contain, and minimize the cost of a cyberattack or a live incident. A well-built incident response (IR) plan can fix a potential vulnerability to prevent future attacks, but it is not the sum game. Response is a part of Incident Handling which in turn looks at the logistics, communications, synchronicity, and planning required to resolve an incident.