ProLUG Course Books

Intro

ProLUG Course Books

Home
Home
- Getting Started
- Qualifying for the Certification
- Contributing to ProLUG MkDocs
  Contributing to ProLUG MkDocs
  - Contributing to the ProLUG Linux Course Books
  - Local Development and Testing
Linux Admin Course
Linux Admin Course
- Course Overview
  Course Overview
- Unit 1 - Linux File Operations
  Unit 1 - Linux File Operations
  - Intro
  - Worksheet
  - Lab
  - Bonus
- Unit 2 - Essential Tools
  Unit 2 - Essential Tools
  - Intro
  - Worksheet
  - Lab
- Unit 3 - Storage
  Unit 3 - Storage
  - Intro
  - Worksheet
  - Lab
  - Bonus
- Unit 4 - Operating Running Systems
  Unit 4 - Operating Running Systems
  - Intro
  - Worksheet
  - Lab
- Unit 5 - Managing Users and Groups
  Unit 5 - Managing Users and Groups
  - Intro
  - Worksheet
  - Lab
- Unit 6 - Firewalls
  Unit 6 - Firewalls
  - Intro
  - Worksheet
  - Lab
- Unit 7 - Package Management && Patching
  Unit 7 - Package Management && Patching
  - Intro
  - Worksheet
  - Lab
  - Bonus
- Unit 8 - Scripting
  Unit 8 - Scripting
  - Intro
  - Worksheet
  - Lab
  - Bonus
- Unit 9 - Containerization on Linux
  Unit 9 - Containerization on Linux
  - Intro
  - Worksheet
  - Lab
- Unit 10 - Kubernetes
  Unit 10 - Kubernetes
  - Intro
  - Worksheet
  - Lab
  - Bonus
- Unit 11 - Monitoring
  Unit 11 - Monitoring
  - Intro
  - Worksheet
  - Lab
- Unit 12 - Baselines && Benchmarks
  Unit 12 - Baselines && Benchmarks
  - Intro
  - Worksheet
  - Lab
- Unit 13 - System Hardening
  Unit 13 - System Hardening
  - Intro
  - Worksheet
  - Lab
  - Bonus
- Unit 14 - Ansible Automation
  Unit 14 - Ansible Automation
  - Intro
  - Worksheet
  - Lab
- Unit 15 - Troubleshooting
  Unit 15 - Troubleshooting
  - Intro
  - Worksheet
  - Lab
- Unit 16 - Incident Response
  Unit 16 - Incident Response
  - Intro Intro
    Table of contents
    
    Overview
    
    Learning Objectives
  - Worksheet
  - Lab
- Course Resources
  Course Resources
  - External Resources
  - Downloads
Linux Security Course
Linux Security Course
- Course Overview
  Course Overview
- Unit 1 - Build Standards and Compliance
  Unit 1 - Build Standards and Compliance
  - Intro
  - Worksheet
  - Lab
- Unit 2 - Securing the Network
  Unit 2 - Securing the Network
  - Intro
  - Worksheet
  - Lab
- Unit 3 - User Access and System Integration
  Unit 3 - User Access and System Integration
  - Intro
  - Worksheet
  - Lab
- Unit 4 - Bastion Hosts and Airgaps
  Unit 4 - Bastion Hosts and Airgaps
  - Intro
  - Worksheet
  - Lab
- Unit 5 - Updating Systems and Patch Cycles
  Unit 5 - Updating Systems and Patch Cycles
  - Intro
  - Worksheet
  - Lab
- Unit 6 - Monitoring and Parsing Logs
  Unit 6 - Monitoring and Parsing Logs
  - Intro
  - Worksheet
  - Lab
- Unit 7 - Monitoring and Alerting
  Unit 7 - Monitoring and Alerting
  - Intro
  - Worksheet
  - Lab
- Unit 8 - Configuration Drift and Remediation
  Unit 8 - Configuration Drift and Remediation
  - Intro
  - Worksheet
  - Lab
- Unit 9 - Certificate and Key Madness
  Unit 9 - Certificate and Key Madness
  - Intro
  - Worksheet
  - Lab
- Unit 10 - Recap and Final Project
  Unit 10 - Recap and Final Project
  - Intro
  - Worksheet
- Course Resources
  Course Resources
  - External Resources
Linux Automation Course
Linux Automation Course
- Course Overview
  Course Overview
- Unit 1 - Automation Tools
  Unit 1 - Automation Tools
  - Intro
  - Worksheet
  - Lab
- Unit 2 - Interacting with the OS
  Unit 2 - Interacting with the OS
  - Intro
  - Worksheet
  - Lab
- Unit 3 - Creating && Using Inventories
  Unit 3 - Creating && Using Inventories
  - Worksheet
- Unit 4 - Admin Commands && Ad-Hoc Commands
  Unit 4 - Admin Commands && Ad-Hoc Commands
  - Worksheet
- Unit 5 - Environment and Local Variables
  Unit 5 - Environment and Local Variables
  - Worksheet
- Course Resources
  Course Resources
  - External Resources
  - Downloads
Blog
Blog
- Archive

Unit 16 - Incident Response

Overview

This unit introduces Incident Response, a critical discipline in cybersecurity and systems administration focused on identifying, containing, eradicating, recovering from, and learning from system incidents. This unit also demonstrates the crucial need for policies and procedures in the likely event an incident occurs which facilitate successful remedies for administrators during stressful events.

By the end of this unit, you'll understand the key phases and practices for developing and executing an effective incident response plan within enterprise environments to minimize the impact of system incidences.

Learning Objectives

By the end of this unit, you should be able to:

Define the stages of the incident response lifecycle.
Understand the roles and responsibilities within an incident response team.
Outline steps for initial incident detection and triage.
Describe methods for system recovery and post-incident analysis.