Internet And Network Technologies
Security Triage Automation
Security Incident Triage
it_sastradj_01_enus
Lesson Objectives
- discover the key concepts covered in this course
- describe the concepts of security triage and strategies to implement triage
- describe the tools used in security triage
- describe automation techniques in security triage
- describe common tips and rules of thumb for security triage
- describe the importance of communication and stakeholder management in security triage
- describe approaches to detecting anomalies and handling them with security triage
- describe common protocol anomalies that require triage
- describe monitoring for incidents in security triage
- analyze SSH activity and describe security events to look for
- analyze DNS activity and describe security events to look for
- analyze HTTPS activity and describe security events to look for
- analyze system log activity and describe security events to look for
- summarize the key concepts covered in this course
Overview/Description
Explore the importance of security incident triage in handling incidents in a timely and automated manner. Familiarize yourself with anomalies and activities that often require triage.
Target
Prerequisites: none