TECHNICAL COURSES
NCC 219: NETWORK FORENSICS AND INCIDENT RESPONSE

COURSE NUMBER

NCC 219

CREDIT / UNIT HOURS

4

PRE-REQUISITES

NCC 214: Ethical Hacking and Systems Defense

RECOMMENDED TEXTBOOK

:: Practical Packet Analysis

:: Applied Network Security Monitoring

:: DSU CET4862 – Network Forensics and Incident Response

ISBN

978-1-59327-802-1 / 978-0-124172-166

COURSE LAB

None


DESCRIPTION

4 credit/unit hours – Four hours of lecture weekly; one term

This course explores security incidents and intrusions, including identifying and categorizing incidents and attackers, responding to incidents, analyzing logfiles and packet captures, working with Security Information and Event Management (SIEM) systems, and leveraging Network Security Monitoring methodologies.

LEARNING OBJECTIVES

Upon completion of this course the student will be able to:

    • Detect and characterize various types of computer and network incidents;
    • Demonstrate a practical understanding of the analysis of artifacts left on a compromised system;
    • Demonstrate an understanding of how to effectively respond to privileged and major event incidents;
    • Demonstrate an understanding of advisories, alerts, and management briefings; and
    • Demonstrate the ability to communicate incident response findings to technical and non-technical personnel.

MAIN TOPICS

1.0 Attackers: Overview

2.0 Incident Response Preparation

3.0 Indicators and Intelligence

4.0 Incident Identification

5.0 Containment, Eradication, Recovery

6.0 Network Security Monitoring (NSM)

7.0 Intrusion Detection/Prevention Systems

8.0 Security Information and Event Management (SIEM) Systems

9.0 Logfile Aggregation

10.0 Gathering Data

11.0 Network Forensics




© 2025 Cyber Ready Professional Consortium