Information Security Incident Management (Part 2)


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description
In this course, the candidate will learn how to plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents. This course helps prepare the student for the CISM exam Domain 4.

Target Audience
Security practitioners who have at least five years of work experience in the field of information security, and with at least three years in the role of information security manager

Prerequisites
None

Expected Duration (hours)
0.4

Lesson Objectives

Information Security Incident Management (Part 2)

  • start the course
  • describe incident reporting requirements and procedures
  • define post-incident review practices and investigations
  • quantify damages, costs and business impacts
  • detect, log, analyze and document events
  • classify resources for investigation of incidents
  • identify impact of changes to the environment
  • know techniques to test the incident response plan
  • specify regulatory, legal and organization requirements
  • define KPIs and metrics to evaluate the response plan
  • define InfoSec security management

    • Course Number:
    sp_cesm_a08_it_enus

    Expertise Level
    Intermediate