CYBR 445 Cyber Incident Response and Handling
Prerequisites
Special information
Formerly: ICS 487. Note: Students are responsible to both be aware of and abide by prerequisites for CFS/CYBR/ICS courses for which they enroll, and will be administratively dropped from a course if they have not met prerequisites.
Effective May 6, 2020 to present
Learning outcomes
General
- Analyze an attacker's Tactics, Techniques, and Procedures (TTPs) to assess adversary behavior, guide investigations, and anticipate future cyber threats.
- Apply incident response methodologies, including NIST and US-CERT frameworks, to detect, contain, and mitigate security incidents.
- Utilize forensic and security tools to collect, analyze, and preserve digital evidence for cyber investigations.
- Assess the current stage of a cyber attack using frameworks such as the Cyber Kill Chain and MITRE ATT&CK to inform response strategies.
- Develop and execute incident response plans encompassing containment, eradication, recovery, and post-incident analysis.
- Produce and communicate comprehensive forensic and incident response reports tailored for both technical and non-technical audiences.
- Evaluate and justify ethical considerations in cyber incident response, including privacy implications, legal constraints, and responsible disclosure.
Summer 2026
| Section | Title | Instructor | books | eservices |
|---|---|---|---|---|
| 50 | Cyber Incident Response and Handling | Hepp, Alex | Books for CYBR-445-50 Summer 2026 | Course details for CYBR-445-50 Summer 2026 |