This course introduces learners to key concepts for detecting cyberattacks, including the importance of anomalies in the functioning of your systems and devices and how to detect them, establishing monitoring systems that spot anomalies and events on an automated basis, and developing effective approaches to establish organizational processes to detect anomalies and events.

Content in this course correlates to categories and subcategories found in the Detect function of the NIST framework.

Learning Objectives: By the end of this course, learners will be able to:

• Describe effective techniques for detecting cyberattacks,
• Establish best approaches for monitoring systems to detect cyberattacks,
• Plan for the development of organizational processes for detecting cyberattack