From the course: CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Conducting investigations
From the course: CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response
Conducting investigations
- [Instructor] During the course of their work, information security professionals often find themselves involved in different types of investigations. In some cases, these investigations are led by security teams in response to suspected or actual security incidents. In other cases, the investigation might be led by another group, and security professionals are asked to contribute evidence and expertise. There are four main types of investigations that often involve cybersecurity professionals. These are operational or administrative investigations, criminal investigations, civil investigations, and regulatory investigations. Operational investigations are undertaken to investigate issues related to the organization's technology infrastructure. For example, a service might be returning errors, a server might be responding too slowly, or a network might be congested. These operational investigations seek to get to…
Contents
-
-
-
-
-
-
(Locked)
Conducting investigations3m 50s
-
(Locked)
Evidence types3m 28s
-
(Locked)
Introduction to forensics3m 21s
-
(Locked)
System and file forensics4m 26s
-
(Locked)
File carving3m 46s
-
(Locked)
Creating forensic images5m 30s
-
Digital forensics toolkit2m 25s
-
(Locked)
Operating system analysis6m 9s
-
(Locked)
Password forensics7m 16s
-
(Locked)
Network forensics4m 1s
-
(Locked)
Software forensics4m 25s
-
(Locked)
Mobile device forensics1m 10s
-
(Locked)
Embedded device forensics2m 30s
-
(Locked)
Chain of custody1m 50s
-
(Locked)
Ediscovery and evidence production3m 3s
-
(Locked)
Exploitation frameworks6m 4s
-
(Locked)
-