Sound the Alarm: Detection and Response

This is the sixth course in the Google Cybersecurity Certificate. Learners will focus on incident detection and response. They will learn what defines a security incident and explain the incident response lifecycle, including the roles and responsibilities of incident response teams. Learners will analyze and interpret network communications to detect security incidents using packet sniffing tools to capture network traffic. By assessing and analyzing artifacts, learners will explore the incident investigation and response processes and procedures. Additionally, they will develop a conceptual overview of log data and their role in intrusion detection systems (IDS) and Security Information Event Management (SIEM) tools. Learners who complete this certificate will be equipped to apply for entry-level cybersecurity roles. No previous experience is necessary. By the end of this course, you will: - Explain the lifecycle of an incident. - Describe the tools used in documentation, detection, and management of incidents. - Analyze packets to interpret network communications. - Perform artifact investigations to analyze and verify security incidents. - Identify the steps to contain, eradicate, and recover from an incident. - Determine how to read and analyze logs during incident investigation. - Interpret the basic syntax and components of signatures and logs in Intrusion Detection Systems (IDS) and Network Intrusion Detection Systems (NIDS) tools. - Perform queries in Security Information and Event Management (SIEM) tools to investigate an event.