
Advanced Detection & Response

In this, the third course of the second phase of the program, you’ll learn how to set up an IT Incident Response Program (IR) and how to develop the documentation necessary to cope effectively with any incident. You’ll also learn to monitor and detect possible threats or suspicious activity in a proactive way, furthering your understanding of the principles and key activities of detection and forensic analysis—skills you’ll be called upon to use regularly in the event of an incident or crisis.

In terms of specific content, you’ll learn and master the following operations.

Managing the Strategic Components of IT Incident Response Programs (IR)

As you learned in the previous course, the speed and efficiency of actions taken in the event of a cyberattack depend on the quality and precision of your IT Incident Response Program as well as on the policies attached to it. Once established, your IR program must evolve constantly through regular updates to remain strategically effective.

Managing the Operational Components of the IR

As with strategic components, and due to the ever-changing nature of IT, the operational components of the IR must also evolve constantly. Regular and meticulous maintenance of security infrastructure is vital to remaining up to date and ready to act at all times.

Simulated Cyberattack Scenario: Response Strategies

There’s no better way to prepare you for your role as a cyber-security expert than to have you respond to a cyberattack. And that’s exactly what you’ll do. With the help of industry professionals using actual case studies, you’ll learn to detect, identify, contain and respond rapidly to a cyberattack by working through real-life scenarios that force you to deal with data leaks and various other cyber-threats. These challenges will help you apply technical skills like analyzing activity reports and forensics in a hands-on setting. You’ll also have the opportunity to strategically coordinate the drafting and distribution of incident reports and the management of other cyber-security personnel.

Post Incident Operations

Even after an incident has been dealt with successfully, the story isn’t over. Post-incident operations are of the utmost importance to guarantee the resiliency of an organization for the future. For example, updating incident reports and adjusting network termination points are both essential to ensuring protection against future attacks. These, too, will be part of your hands-on learning opportunities.

Armed with this learning, you’ll be ready to embark on the internship phase of the program, which will put the finishing touches on your practical training to make you a highly sought-after cyber-resilience expert… Ready for the last stretch?



© Concordia University