Overview

This course examines the preparation, detect, reaction, and recovery activities associated with Cybersecurity incident management. It describes each aspect of incident response, disaster recovery, business continuity, and crisis management operations, focusing on the planning and preparation phases.  

The course contains eight modules.  Six of these modules are lectures, and two contain projects.  This course is self-paced and may be completed in less than 24 hours of work. You have six months to complete the course. If during the course you have any questions, please post your questions in the discussion forums. The moderator should answer within two business days

Recommended Prerequisites

• A general understanding of Information Technology
• Course 1 Cybersecurity Foundations

Textbooks

Required

Computer Security Incident Handling Guide, NIST SP 800-61 Rev. 2, Cichonski, Millar, Grance & Scarfone. This PDF is a free download.

Contingency Planning Guide for Federal Information Systems, NIST SP 800-34 Rev. 1, Swanson, Bowen, Phillips, Gallup & Lynes. This PDF is a free download.

Recommended

Principles of Incident Response & Disaster Recovery, Whitman & Mattord, Cengage Learning. This textbook is strongly recommended but not required to successfully complete this course.

Other References

See the NIST special publication library for additional documents which may support your understanding of the material.

This is course 4 in the KSU Introduction to Cybersecurity Certificate.