
CYBR 445 Cyber Incident Response and Handling

As cyber breaches and intrusions continue to increase, enterprises are looking to hire professionals who can identify and respond to breaches and incidents before they have adverse impacts on information systems and data networks. This course provides in-depth coverage of applying Digital Forensics and Incident Response methodologies and frameworks to address and manage the aftermath of security breaches or incidents, with the goal of limiting the damage and reducing recovery time and costs. The student will be able to identify, contain, eradicate and recover from an attack in an enterprise network. Topics include identifying threat actors and security breaches, analyzing artifacts and logs, restoring the system, performing postmortem analysis, and implementing and/or modifying mitigating techniques. Overlap: ICS 487.

Prerequisites

Special information

First day attendance is mandatory.
Formerly: ICS 487. Note: Students are responsible for being aware of and abiding by the prerequisites for the CFS/CYBR/ICS courses in which they enroll, and will be administratively dropped from a course if they have not met prerequisites.
4 Undergraduate credits

Effective May 6, 2020 to present

Learning outcomes

General

  • Identify and analyze the attacker's Tactics, Techniques, and Procedures (TTPs) to evaluate the modus operandi of cyber adversaries, target the resulting investigation and incident response, and anticipate and mitigate future activity.
  • Demonstrate a practical understanding of various methodologies for analyzing artifacts left on a compromised system.
  • Apply Incident Handling methodology based on the National Institute of Standards and Technology (NIST), the US-CERT, and other frameworks.
  • Use various available digital forensic and security tools in an efficient and effective manner to aid in investigation.
  • Validate the current stage of a cyber-attack based on the Lockheed Cyber Kill Chain model.
  • Produce quality reports and communicate the technical contents to a variety of audiences.

Summer 2024

Section | Title | Instructor | Books | eServices
50 | Cyber Incident Response and Handling | Hepp, Alex | Books for CYBR-445-50 Summer 2024 | Course details for CYBR-445-50 Summer 2024