SECOPS: Handling Incident Events and Evidence

SECOPS: Handling Incident Events and Evidence

Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level

Overview/Description

Explore how NIST SP800-61 r2 is used to process an incident event and the recommended incident handling process. Examine evidence handling, as documented in NIST SP800-86 and how to apply VERIS schema categories to incident handling events.

Expected Duration (hours)
1.3

Lesson Objectives

SECOPS: Handling Incident Events and Evidence

use NIST SP800-61 r2 incident handling to process an incident event and describe the recommended incident handling process

describe evidence handling as documented in NIST SP800-86 and its importance in forensics

describe how to apply VERIS schema categories to incident handling events

Course Number:
it_secopstv_21_enus

Expertise Level
Intermediate