• Length:
    4 Weeks
  • Effort:
    2–4 hours per week
  • Price:

    FREE
    Add a Verified Certificate for $99 USD

  • Institution
  • Subject:
  • Level:
    Intermediate
  • Language:
    English
  • Video Transcript:
    English

Prerequisites

  • A understanding of the current cybersecurity ecosystem.

About this course

This course is part of the Microsoft Professional Program in Cybersecurity.

This course is designed to help you manage an enterprise security incident, while avoiding common errors, increasing both the effectiveness and efficiency of your incident response efforts.

What you'll learn

After completing this course, students will be able to:
  • Effectively prioritize the response to a security incident
  • Build a computer security incident response team (CSIRT)
  • Develop an incident response action plan
  • List appropriate post-incident activities
Module 1
  • Introduction
  • What is threat modelling?
  • The need for incident response plans
  • Assess vulnerabilities in your environment
  • Establish routine monitoring and review of network traffic and system performance
  • Log analysis
Module 2
  • Incident Response Policy, Plan, and Procedure Creation
  • Creation of a CSIRT
  • Establish CSIRT team roles
  • Establish governing policy
Module 3
  • Initial assessment of incident
  • Attack vectors
  • What are false positives and false negatives?
  • Determine the nature of the attack
  • Identify the systems that have been compromised
  • Choosing a containment strategy
Module 4
  • Post-incident activity
  • Protect the evidence while restoring functionality
  • Recommendations and Lessons learned
  • Security incident report

Meet your instructors

Philip E. Helsel
Senior Content Developer, Learning eXperiences Team
Microsoft
Kimberly Rasmusson-Anderson
Senior Content Developer, Learning eXperiences Team
Microsoft

Pursue a Verified Certificate to highlight the knowledge and skills you gain $99.00

View a PDF of a sample edX certificate
  • Official and Verified

    Receive an instructor-signed certificate with the institution's logo to verify your achievement and increase your job prospects

  • Easily Shareable

    Add the certificate to your CV or resume, or post it directly on LinkedIn

  • Proven Motivator

    Give yourself an additional incentive to complete the course

  • Support our Mission

    EdX, a non-profit, relies on verified certificates to help fund free education for everyone globally

Who can take this course?

Unfortunately, learners from one or more of the following countries or regions will not be able to register for this course: Iran, Cuba and the Crimea region of Ukraine. While edX has sought licenses from the U.S. Office of Foreign Assets Control (OFAC) to offer our courses to learners in these countries and regions, the licenses we have received are not broad enough to allow us to offer this course in all locations. EdX truly regrets that U.S. sanctions prevent us from offering all of our courses to everyone, no matter where they live.