PCF7206 Cyber Incident Analysis and Response

This course covers various incident analysis tools and techniques that support dynamic vulnerability analysis and elimination, intrusion detection, attack protection, and network/resources repair. The students will be presented with real-world examples and scenarios to help provide knowledge, understanding, and capacity for effective cyber incident analysis and response.

Course objectives 
This course aims to enable students to;

• Obtain basic knowledge on dealing with system security related incidents. 
• Increase knowledge on potential defenses and counter measures against common threat vectors/vulnerabilities
• Gain experience using tools and common processes in performing analysis of compromised systems and dynamic malware analysis
• Obtain current knowledge of events and tools/support kits in the subject area.

Expected Learning outcomes
By the end of this course students will be able to; 

• Demonstrate an understanding of background and concepts for cyber incident management
• Demonstrate an understanding of the preparation phase of cyber security incident management.
• Demonstrate an understanding of reactive cyber incident management activities. 
• Demonstrate an understanding of protecting and restoring systems that have been compromised by cyber security incidents including incident containment, identification, eradication, and recovery.