Über diesen Kurs

33,921 kürzliche Aufrufe

Risk Identification, Monitoring, and Analysis: In the Risk Identification, Monitoring, and Analysis session, you will learn how to identify, measure, and control losses associated with adverse events. You will review, analyze, select, and evaluate safeguards for mitigating risk.You will learn processes for collecting information, providing methods of identifying security events, assigning priority levels, taking the appropriate actions, and reporting the findings to the correct individuals. After collection of the details from monitoring, we can analyze to determine if the system is being operated in accordance with accepted industry practices, and in compliance with organization policies and procedures.        
 Incident Response and Recovery: In the Incident Response and Recovery Session, you will gain an understanding of how to handle incidents using consistent, applied approaches in order to resolve. Once an incident is identified, action will be necessary in order to resolve. We will examine processes such as damage recovery, data integrity and preservation, and the collection, handling, reporting, and prevention. You will be introduced to the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) concepts and how they can be utilized in order to mitigate damages, recover business operations, and avoid critical business interruption. Through the use of the DRP, you will understand the procedures for emergency response and post-disaster recovery.    

 Course Objectives  

 Describe the risk management process
Perform security assessment activities
Describe processes for operating and maintaining monitoring systems
Identify events of interest
Describe the various source systems
Interpret reporting findings from monitoring results
Describe the incident handling process
Contribute to the incident handling process based upon role within the organization
Describe the supporting role in forensics investigation processes
Describe the supporting role in the business continuity planning process
Describe the supporting role in the disaster recovery planning process

Kurs 3 von 6 in

(ISC)² Systems Security Certified Practitioner (SSCP)

100 % online

Beginnen Sie sofort und lernen Sie in Ihrem eigenen Tempo.

Flexible Fristen

Setzen Sie Fristen gemäß Ihrem Zeitplan zurück.

Stufe „Anfänger“

Ca. 18 Stunden zum Abschließen

Englisch

Untertitel: Englisch

Kurs 3 von 6 in

(ISC)² Systems Security Certified Practitioner (SSCP)

100 % online

Beginnen Sie sofort und lernen Sie in Ihrem eigenen Tempo.

Flexible Fristen

Setzen Sie Fristen gemäß Ihrem Zeitplan zurück.

Stufe „Anfänger“

Ca. 18 Stunden zum Abschließen

Englisch

Untertitel: Englisch

Lehrplan - Was Sie in diesem Kurs lernen werden

Woche

1

4 Stunden zum Abschließen

Understand the Risk Management Process

Module Topic: Risk Visibility and Reporting, Risk management Concepts, Risk Assessment, Risk Treatment, Audit Findings. In Risk visibility and Reporting, you will learn about risk register, creating a risk register, risk register, and risk management steps. In Risk Management Concepts, you will learn about, key terms, and generic risk model with key factors - NIST SP 800-30 R1. In risk Assessment, you will learn about NIST SP 800- 30 R1 risk assessment methodology, Step 1. prepare for the assessment, Step 2. conduct the assessment, Step 2a. identify threat sources, step 2b. identify potential threat events, step 2c. identify vulnerabilities and predisposing conditions, step 2d. determine likelihood, step 2e. determine impact, step 2f. risk determination, risk level matrix, risk levels, step 3. communicating and sharing risk assessment information, step 4. maintaining the risk assessment, and risk assessment activity. In Risk Treatment, you will learn about, risk mitigation, example control: passwords, control selection, residual risk, risk transference, risk avoidance, and risk acceptance. In audit Findings, you will learn about auditors, types of audits, audit methodologies, auditor responsibilities, audit scope, documentation, and response to audit.

14 Videos (Gesamt 84 min), 14 Lektüren, 1 Quiz

14 Videos

Risk Management Process: Risk Visibility and Reporting4m

Risk Management Process: Creating a Risk Register7m

Risk Management Process: Risk Register Risk Management Steps8m

Risk Management Process: Key Terms5m

Risk Management Process: Key Terms6m

Risk Management Process: Risk Assessment3m

Risk Management Process: Preparation Steps7m

Risk Management Process: Step 2b4m

Risk Management Process: Quantitative Analysis8m

Risk Management Process: Qualitative Analysis5m

Risk Management Process: Step 33m

Risk Management Process: Risk Treatment5m

Risk Management Process: Risk Avoidance5m

Risk Management Process: Type of Audits7m

14 Lektüren

Risk Management Process: Risk Visibility and Reporting10m

Risk Management Process: Creating a Risk Register10m

Risk Management Process: Risk Register Risk Management Steps10m

Risk Management Process: Key Terms10m

Risk Management Process: Risk Assessment10m

Risk Management Process: Preparation Steps10m

Risk Management Process: Step 2b10m

Risk Management Process: Quantitative Analysis10m

Risk Management Process: Qualitative Analysis10m

Risk Management Process: Step 310m

Risk Management Process: Risk Treatment10m

Risk Management Process: Risk Avoidance10m

Risk Management Process: Type of Audits10m

1 praktische Übung

Quiz 120m

Woche

2

3 Stunden zum Abschließen

Perform Security Assessment Activities

Module Topics: Participate in Security and Test Results, Penetration Testing. In Participate in Security and Test Results, you will learn about vulnerability scanning and analysis, vulnerability testing software categories, vulnerability testing qualities, potential problems, host scanning, host security considerations, traffic types, security gateway types, wireless networking testing, potential security issues, searching for rogue access points, locking down the enterprise, wireless tools, war dialing, and war driving. In Penetration Testing you will learn about penetration testing modes, white box / hat, gray box / hat, black box / hat, phase 1: preparation, reporting, phase 2: reconnaissance and network mapping techniques, reconnaissance, social engineering and low-tech reconnaissance, whois attacks, DNS zone transfers, network mapping, network mapping techniques, firewalking, basic built-in tools, phase 3: information evaluation and risk analysis, phase 4: active penetration, phase 5: analysis and reporting, penetration testing high-level steps.

11 Videos (Gesamt 73 min), 11 Lektüren, 1 Quiz

11 Videos

Security Assessment Activities: Participate in Security and Test Results6m

Security Assessment Activities: Potential Problems6m

Assessment Activities: Security Gateway Types5m

Security Assessment Activities: Potential Security Issues6m

Security Assessment Activities: Penetration Testing6m

Security Assessment Activities: White Box / Hat8m

Security Assessment Activities: Reconnaissance4m

Security Assessment Activities: DNS Zone Transfers7m

Security Assessment Activities: Network Mapping Techniques9m

Security Assessment Activities: Firewalking6m

Security Assessment Activities: Active Penetration6m

11 Lektüren

Security Assessment Activities: Participate in Security and Test Results10m

Security Assessment Activities: Potential Problems10m

Assessment Activities: Security Gateway Types10m

Security Assessment Activities: Potential Security Issues10m

Security Assessment Activities: Penetration Testing10m

Security Assessment Activities: White Box / Hat10m

Security Assessment Activities: Reconnaissance10m

Security Assessment Activities: DNS Zone Transfers10m

Security Assessment Activities: Network Mapping Techniques10m

Security Assessment Activities: Firewalking10m

Security Assessment Activities: Active Penetration10m

1 praktische Übung

Quiz 220m

Woche

3

4 Stunden zum Abschließen

Operate and Maintain Monitoring Systems & Analyze and Report Monitoring Results

Module Topics: Events of Interest, Logging, source Systems, Security Analytics, metrics, and Trends, Visualization, Event Data Analysis, Communication of Findings. In Events of Interest you will learn about, monitoring terminology, Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), comparing IDS and IPS, types of IDS/IPS devices, deploying HIDS and NIDS, implementation issues for monitoring, monitoring control, other considerations, sample questions to consider, collecting data for incident response, monitoring response techniques, attackers, attacker motivations, intrusions, events, types of monitoring, and file integrity checkers, continuous/compliance monitoring. In Logging, you will learn about reviewing host logs, reviewing incident logs, log anomalies, log management, clipping levels, filtering, log consolidation, log retention, centralized logging (syslog and log aggregation), syslog, distributed log collectors, hosted logging services, configuring event sources (s-flow, NetFlow, sniffer), Cosco NetFlow, What is an IP Flow, IP packet attributes, understanding network behavior, how to access the data produced by NetFlow, How does the router or switch determine which flows to export to the NetFlow collector server, format of the export data, sFlow, event correlation systems (security, information, and event management (SIEM)), SIEM functions, compliance, enhanced network security and improved IT/security operations, and full packet capture. In Source System, you will learn about comprehensive application, middleware, OS, and infrastructure monitoring, hyper capabilities, and operations manager. Analyze and Report Monitoring: In Security Analytics, Metrics, and Trends, you will learn about security baseline, network security baseline, metrics and analysis (MA), systems security engineering capability maturity model (SSE-CMM), and potential metrics. In visualization topic, you will learn about data visualization tools. In Event Data Analysis, you will learn about logs, log management, log management recommendations, and Potential uses of server log data. In Communication of Findings, you will learn about checklist for report writers and reviewers.

12 Videos (Gesamt 75 min), 12 Lektüren, 1 Quiz

12 Videos

Monitoring Systems: Monitoring Terminology5m

Monitoring Systems: IDS/IPS5m

Monitoring Systems: Implementation Issues for Monitoring6m

Maintain Monitoring Systems: Sample Questions6m

Maintain Monitoring Systems: Attacker Motivations7m

Maintain Monitoring Systems: Logging5m

Maintain Monitoring Systems: Log Anomalies5m

Maintain Monitoring Systems: Log Retention6m

Monitoring Systems: Compliance6m

Monitoring Results: Security Baseline6m

Monitoring Results: SSE-CMM6m

Monitoring Results: Potential Uses of Server Log Data6m

12 Lektüren

Monitoring Systems: Monitoring Terminology10m

Monitoring Systems: IDS/IPS10m

Monitoring Systems: Implementation Issues for Monitoring10m

Maintain Monitoring Systems: Sample Questions10m

Maintain Monitoring Systems: Attacker Motivations10m

Maintain Monitoring Systems: Logging10m

Maintain Monitoring Systems: Log Anomalies10m

Maintain Monitoring Systems: Log Retention10m

Monitoring Systems: Compliance10m

Monitoring Results: Security Baseline10m

Monitoring Results: SSE-CMM10m

Monitoring Results: Potential Uses of Server Log Data10m

1 praktische Übung

Quiz 320m

Woche

4

4 Stunden zum Abschließen

Incident Response and Recovery

Module Topics: Preparation, Detection and Analysis, Containment, Eradication, and Recovery, Post-Incident Activity, Implementation of Countermeasures. In Introduction, you will learn about incident response, and basic definitions. In preparation, you will learn about elements of an incident response policy, incident response plan, training, incident response tools, communication planning, communication with law enforcement, media, requirements for effective incident handling, the incident response team, core team areas, centralized and decentralized teams, team structure, team conditions that support success, and other considerations. In Detection and Analysis, you will learn about Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), types of intrusion systems, intrusion detection techniques, false positives and false negatives, anti-malware systems, security information event management (SIEM), Incident analysis, packet sniffers, Inline SSL decryption devices, incident documentation, records, assessing risk, response, containment strategy considerations, Delaying containment, areas of focus, defining an incident, triage, and notification. In Containment, Eradication, and Recovery, you will learn about common containment activities, and eradication. In post-incident activity, you will learn about effective incident response. In implementation of Countermeasures, you will learn about implementation steps.

13 Videos (Gesamt 77 min), 13 Lektüren, 1 Quiz

13 Videos

Incident Handling: Incident Response6m

Incident Handling: Preparation6m

Incident Handling: Training6m

Incident Handling: Communication Planning7m

Incident Handling: The Incident Response Team7m

Incident Handling: IDS and IPS4m

Incident Handling: Intrusion Detection Techniques7m

Incident Handling: Anti-Malware Systems2m

Incident Handling: Packet Sniffers6m

Incident Handling: SSL Decryption Devices4m

Incident Handling: Records6m

Incident Handling: Delaying Containment6m

Incident Handling: Containment, Eradication, and Recovery4m

13 Lektüren

Incident Handling: Incident Response10m

Incident Handling: Preparation10m

Incident Handling: Training10m

Incident Handling: Communication Planning10m

Incident Handling: The Incident Response Team10m

Incident Handling: IDS and IPS10m

Incident Handling: Intrusion Detection Techniques10m

Incident Handling: Anti-Malware Systems10m

Incident Handling: Packet Sniffers10m

Incident Handling: SSL Decryption Devices10m

Incident Handling: Records10m

Incident Handling: Delaying Containment10m

Incident Handling: Containment, Eradication, and Recovery10m

1 praktische Übung

Quiz 420m

Woche

5

5 Stunden zum Abschließen

Understand and Support Forensic Investigations & Business Continuity and Disaster Recovery Plan

Module Topic: Forensic Investigations, Emergency Response Plans and Procedures, Disaster Recovery Planning, Interim or Alternate processing Strategies, Backup and Redundancy Implementation, System and Data Availability, Testing and Drills. Understand and Support Forensic Investigations: In Forensic Investigations, you will learn about crime scene, live evidence, Locard's principle, criminal behavior, incident response team, general guidelines, rules of thumb, evidence gathering, Hash algorithms, criminal charges, documentation, five rules of evidence, media analysis, network analysis, software analysis, author identification, content analysis, context analysis, hardware/embedded device analysis, NIST recommendations, and incident response. Understand and Support Business Continuity Plan: In Emergency Response Plans and Procedures, you will learn about business continuity planning, establish a business continuity program, Business Impact Analysis (BIA), key concepts, maximum tolerable downtime (MTD), Recovery Time Objective (RTO), Recovery Point Objective (RPO), Financial and Nonfinancial impacts, stakeholder input, BIA completion process, BIA project stages, Identify critical IT resources, Identify disruption impacts, and development recovery priorities. In Disaster Recovery Planning, you will learn about Identity types of potential disasters, assets, personnel considerations, and related documents. In Interim or Alternate Processing Strategies, you will learn about cold site, warm site, hot site, multiple processing sites, and mobile sites. In Backup and Redundancy Implementation, you will learn about full backup, differential backup, incremental backup, evaluating alternatives, Off-site storage, electronic vaulting, and remote journaling. In System and Data Availability, you will learn about clustering, high-availability clustering, load-balancing clustering, redundant array of independent disks (RAID), data redundancy techniques, and RAID levels. In Testing and Drills, you will learn about checklist test, structured walkthrough test, simulation testing, parallel testing, full interruption testing, and plan review and maintenance.

18 Videos (Gesamt 106 min), 18 Lektüren, 1 Quiz

18 Videos

Forensic Investigation: Crime Scene6m

Forensic Investigation: General Guidelines7m

Forensic Investigation: Hash Algorithms7m

BCP and DRP: Emergency Response5m

BCP and DRP: Comparing BCP and DRP5m

BCP and DRP: Business Impact Analysis3m

BCP and DRP: Recovery Time Objective5m

BCP and DRP: BIA4m

BCP and DRP: Business Continuity Activity4m

BCP and DRP: Disaster Recovery Planning7m

BCP and DRP: Related Documents6m

BCP and DRP: Multiple Processing Sites3m

BCP and DRP: Backup and Redundancy Implementation7m

BCP and DRP: Off-Site Storage6m

BCP and DRP: RAID Levels4m

BCP and DRP: RAID Levels7m

BCP and DRP: Testing and Drills5m

BCP and DRP: Full Interruption Testing6m

18 Lektüren

Forensic Investigation: Crime Scene10m

Forensic Investigation: General Guidelines10m

Forensic Investigation: Hash Algorithms10m

BCP and DRP: Emergency Response10m

BCP and DRP: Comparing BCP and DRP10m

BCP and DRP: Business Impact Analysis10m

BCP and DRP: Recovery Time Objective10m

BCP and DRP: BIA10m

BCP and DRP: Business Continuity Activity10m

BCP and DRP: Disaster Recovery Planning10m

BCP and DRP: Related Documents10m

BCP and DRP: Multiple Processing Sites10m

BCP and DRP: Backup and Redundancy Implementation10m

BCP and DRP: Off-Site Storage10m

BCP and DRP: RAID Levels10m

BCP and DRP: Testing and Drills10m

BCP and DRP: Full Interruption Testing10m

1 praktische Übung

Quiz 520m

Woche

6

2 Stunden zum Abschließen

Case Study

This assignment is based on a case study that will require the student to put into practice the knowledge they have gained through the course. It requires the basic understanding of the topics and the ability to relate those topics to the real world. The objective of review is to determine whether the student has understood the concepts and has performed the necessary analysis to ensure a complete and thorough answer.

1 Quiz

Woche

7

1 Stunde zum Abschließen

Exam

1 Lektüre, 1 Quiz

1 Lektüre

SSCP Exam Information10m

1 praktische Übung

End-of-Course Exam30m

Dozent

(ISC)² Education & Training

Education & Training

Häufig gestellte Fragen

Kann ich vor der Anmeldung eine Vorschau des Kurses ansehen?
Ja, Sie können eine Vorschau des ersten Videos und den Lehrplan ansehen, bevor Sie sich anmelden. Sie müssen den Kurs kaufen, um Zugriff auf die Inhalte zu erhalten, die nicht in der Vorschau inbegriffen sind.
Wann erhalte ich Zugang zu den Vorträgen und Aufgaben?
Wenn Sie sich vor dem Startdatum der ersten Kurseinheit anmelden, haben Sie Zugriff auf alle Vortragsvideos und Texte für den Kurs. Sobald die erste Kurseinheit beginnt, können Sie Aufgaben einreichen.
Was bekomme ich, wenn ich mich anmelde?
Sobald Sie sich anmelden und Ihre Kurseinheit beginnt, haben Sie Zugriff auf alle Videos und andere Ressourcen, einschließlich der Texte und des Kurs-Diskussionsforums. Sie können praktische Aufgaben ansehen und einreichen und erforderliche bewertete Aufgaben abschließen, um eine Bewertung und ein Kurszertifikat zu erhalten.
Wann erhalte ich mein Kurszertifikat?
Wenn Sie den Kurs erfolgreich abschließen, wird der Seite „Errungenschaften“ Ihr elektronisches Kurszertifikat hinzugefügt – von dort können Sie Ihr Kurszertifikat ausdrucken oder es zu Ihrem LinkedIn-Profil hinzufügen.
Warum kann ich nicht als Gast an diesem Kurs teilnehmen?
Dieser Kurs ist einer der wenigen auf Coursera angebotenen Kurse, die derzeit ausschließlich für Kursteilnehmer zugänglich sind, die bezahlt oder finanzielle Unterstützung erhalten haben, wenn diese verfügbar ist.
Wie erfolgen Rückerstattungen?
How long does it take to complete the course?
The course schedule contains approximately 21 hours of content material covering lectures, reading materials, a case study, and quizzes broken up over the course of 7 weeks

Haben Sie weitere Fragen? Besuchen Sie das Hilfe-Center für Teiln..

Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery

Kurs 3 von 6 in

100 % online

Flexible Fristen

Stufe „Anfänger“

Ca. 18 Stunden zum Abschließen

Englisch

Kurs 3 von 6 in

100 % online

Flexible Fristen

Stufe „Anfänger“

Ca. 18 Stunden zum Abschließen

Englisch

Lehrplan - Was Sie in diesem Kurs lernen werden

Understand the Risk Management Process

Perform Security Assessment Activities

Operate and Maintain Monitoring Systems & Analyze and Report Monitoring Results

Incident Response and Recovery

Understand and Support Forensic Investigations & Business Continuity and Disaster Recovery Plan

Case Study

Exam

Top-Bewertungen von Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery

Dozent

(ISC)² Education & Training

Über (ISC)²

Über den (ISC)² Systems Security Certified Practitioner (SSCP)

Häufig gestellte Fragen