Information Security Incidents Response

This course covers basic procedures of information security incidents management as domain of information security process. International standards and best world practices for cyber incidents response will be analyzed (ITIL, ISO/IEC, NIST, ITU). Basic stages of CERT / CSIRT creation and principles of their activity will be explained. Also, the up-to-date hardware / software tools for incidents detection, mitigation and investigation will be examined. This course will also cover topics such as intrusion detection (IDS) and prevention (IPS) as well as information security events correlation and management (SIEM)