Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery

开始时间: 04/04/2020 持续时间: Unknown

所在平台: Coursera

课程类别: 其他类别

大学或机构: CourseraNew



Explore 1600+ online courses from top universities. Join Coursera today to learn data science, programming, business strategy, and more.


第一个写评论        关注课程


Risk Identification, Monitoring, and Analysis: In the Risk Identification, Monitoring, and Analysis session, you will learn how to identify, measure, and control losses associated with adverse events. You will review, analyze, select, and evaluate safeguards for mitigating risk.You will learn processes for collecting information, providing methods of identifying security events, assigning priority levels, taking the appropriate actions, and reporting the findings to the correct individuals. After collection of the details from monitoring, we can analyze to determine if the system is being operated in accordance with accepted industry practices, and in compliance with organization policies and procedures. Incident Response and Recovery: In the Incident Response and Recovery Session, you will gain an understanding of how to handle incidents using consistent, applied approaches in order to resolve. Once an incident is identified, action will be necessary in order to resolve. We will examine processes such as damage recovery, data integrity and preservation, and the collection, handling, reporting, and prevention. You will be introduced to the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) concepts and how they can be utilized in order to mitigate damages, recover business operations, and avoid critical business interruption. Through the use of the DRP, you will understand the procedures for emergency response and post-disaster recovery. Course Objectives 1. Describe the risk management process 2. Perform security assessment activities 3. Describe processes for operating and maintaining monitoring systems 4. Identify events of interest 5. Describe the various source systems 6. Interpret reporting findings from monitoring results 7. Describe the incident handling process 8. Contribute to the incident handling process based upon role within the organization 9. Describe the supporting role in forensics investigation processes 10. Describe the supporting role in the business continuity planning process 11. Describe the supporting role in the disaster recovery planning process

识别,监视和分析风险与事件响应和恢复:风险识别,监视和分析:在“风险识别,监视和分析”会话中,您将学习如何识别,度量和控制与不良事件相关的损失。您将审查,分析,选择和评估缓解风险的保障措施。您将学习收集信息的过程,提供识别安全事件,分配优先级,采取适当措施以及将调查结果报告给正确的个人的方法。从监视收集到详细信息之后,我们可以进行分析以确定系统是否正在按照公认的行业惯例运行,并符合组织的政策和程序。  事件响应和恢复:在事件响应和恢复会话中,您将了解如何使用一致的,已应用的方法来处理事件以解决问题。一旦发现事件,将需要采取措施来解决。我们将检查损坏恢复,数据完整性和保存以及收集,处理,报告和预防等过程。将向您介绍业务连续性计划(BCP)和灾难恢复计划(DRP)的概念,以及如何利用它们来减轻损害,恢复业务运营并避免严重的业务中断。通过使用DRP,您将了解紧急响应和灾难后恢复的过程。  课程目标 1.描述风险管理过程 2.进行安全评估活动 3.描述操作和维护监视系统的过程 4.识别感兴趣的事件 5.描述各种源系统 6.解释监测结果的报告结果 7.描述事件处理过程 8.根据组织内的角色为事件处理过程做出贡献 9.描述法医调查过程中的支持作用 10.描述业务连续性计划过程中的支持角色 11.描述灾难恢复计划过程中的支持作用


Module Topic: Risk Visibility and Reporting, Risk management Concepts, Risk Assessment, Risk Treatment, Audit Findings. In Risk visibility and Reporting, you will learn about risk register, creating a risk register, risk register, and risk management steps. In Risk Management Concepts, you will learn about, key terms, and generic risk model with key factors - NIST SP 800-30 R1. In risk Assessment, you will learn about NIST SP 800- 30 R1 risk assessment methodology, Step 1. prepare for the assessment, Step 2. conduct the assessment, Step 2a. identify threat sources, step 2b. identify potential threat events, step 2c. identify vulnerabilities and predisposing conditions, step 2d. determine likelihood, step 2e. determine impact, step 2f. risk determination, risk level matrix, risk levels, step 3. communicating and sharing risk assessment information, step 4. maintaining the risk assessment, and risk assessment activity. In Risk Treatment, you will learn about, risk mitigation, example control: passwords, control selection, residual risk, risk transference, risk avoidance, and risk acceptance. In audit Findings, you will learn about auditors, types of audits, audit methodologies, auditor responsibilities, audit scope, documentation, and response to audit.





Risk Identification, Monitoring, and Analysis: In the Risk Identification, Monitoring, and Analysis