From the course: CompTIA CySA+ (CS0-002) Cert Prep: 6 Incident Response
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Build an incident response program
From the course: CompTIA CySA+ (CS0-002) Cert Prep: 6 Incident Response
Build an incident response program
- [Instructor] While we strive to protect our systems and information against a wide variety of threats, the grim reality is that no matter how many controls we put in place, there's still a possibility that we'll fall victim to security incident. As we explore the incident response process in this course, we'll focus on using a standard set of practices endorsed by the National Institute for Standards and Technology, NIST. If you'd like more information on this process, you can find a complete reference in the NIST Computer Security Incident Handling Guide. It's published online as NIST Special Publication 800-61 and this guide is widely used as a standard reference throughout the cybersecurity field. Every organization should develop a cybersecurity incident response plan that outlines the policies, procedures and guidelines that the organization will follow when an incident takes place. This process is extremely important…
Contents
-
-
-
-
Build an incident response program4m 33s
-
Creating an incident response team2m 25s
-
Incident communications plan2m 51s
-
Incident identification3m 50s
-
Escalation and notification2m 42s
-
Mitigation2m 46s
-
Containment techniques3m 21s
-
Incident eradication and recovery4m 38s
-
Validation2m 40s
-
Post-incident activities4m 2s
-
-
-
-