Incident Investigations and Response
As organizations continue to rely on expanding infrastructure in an increasingly hostile threat landscape, the escalation of incidents involving malicious actors poses critical risks to information systems and networks. The ability to identify threats, respond to incidents, restore systems, and enhance security postures is vital to the survival of the operation. The Incident Investigations and Response course textbook brings Incident Response core competencies to advanced levels by presenting students with 14 detailed chapters designed to align with academic calendars.
Students will be provided with the knowledge and the practical skills needed to investigate and respond to network and system incidents. With a specific focus on the identification and remediation of incidents involving host and network devices, students will cover topics such as Threat Intelligence Collection, Investigative Techniques, Malware Triage, and Remediation Strategies. Immersive learning labs utilize the Project Ares® Cyber Range and Wireshark network protocol analyzer software.
Paperback: 266 Pages
Training institutions that adopt the Incident Investigations and Response textbook for use in their course curricula may request corresponding instructor resources at no additional cost. These resources include lecture presentation slides, question text banks for each of the 14 chapters, and lab resource guides. For more information please contact Phase2 Advantage.
All Phase2 Advantage digital course materials – including textbooks, lab guides, and lecture slides in PDF and PPT formats – are ADA accessible and score 100% on major Learning Management Systems such as Moodle, Blackboard, Canvas, and LearnUpon. For more information please contact Phase2 Advantage or visit our Higher Education page on this website.
Course Learning Objectives
- CLO #01: Define the characteristics of a computer security incident, list the stages of the incident response life cycle, recognize the stages of the attack life cycle, and identify methods to reduce the likelihood of security incidents.
- CLO #02: Explain the components of the current threat landscape, the capabilities of nation-state and non-nation-state threat actors, threats posed by digital computer crimes, legal challenges common to digital investigations, and the legal principles of investigating and prosecuting cybercrime.
- CLO #03: Prepare a security strategy using labs and industry tools to create an effective incident response capability, define the response mission, prepare for incident response investigations, list potential signs of compromise, and verify indicators of compromise (IOCs).
- CLO #04: Compare the processes of performing forensic analysis, selection of analysis methods, host and network data collection practices, selection of live response tools and strategies, the location of potential data sources, and the challenges of live data acquisition from a network.
- CLO #05: Organize a risk management program strategy focusing on key components such as risk management frameworks, asset inventories and resource profiles, analysis methodologies, vulnerability assessment, cost estimate challenges, and third-party service providers.
- CLO #06: Recommend an incident response implementation that includes creating a remediation team, posturing actions, incident containment strategies, eradication plan development, plan timing and execution, developing strategic recommendations, and documenting lessons learned.
Phase2 Advantage has partnered with VitalSource’s digital content publishing platform to offer cybersecurity training and credentialing capabilities to students around the globe. VitalSource, a subsidiary of the Ingram Content Group (Ingram Publishing), provides digital academic resources to over 7,000 academic institutions around the globe in support of their academic degree and professional development programs.
Listed below are the textbooks currently available on the VitalSource platform; additional titles will be added throughout the year. If your institution utilizes the VitalSource platform, access your VitalSource Management Portal to add Phase2 Advantage cyber security course Exam Prep Guides to your Library. Sampling has been enabled for all eligible faculty and staff.
Contact Us to Learn More
To find out more about bookstore orders or our full range of instructor resources, contact us today via the phone number or email address listed below.