From the course: CISSP Cert Prep (2021): 7 Security Operations
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Containment techniques
From the course: CISSP Cert Prep (2021): 7 Security Operations
Containment techniques
- [Narrator] The first minutes and hours of a cybersecurity incident, are an incredibly stressful time. You've conducted some initial analysis and you've determined that an incident is taking place. And you know that there is an intruder active in your network. You've been compromised. And the next steps that you take will play a significant role in the outcome of the incident. In the NIST incident handling process, you've moved from the detection and analysis phase into the containment, eradication and recovery phase. If you've done your work well in the preparation phase, this is where it all pays off. The biggest difference between the earlier phases in this phase, is that you've shifted from the passive activities of detection and analysis into an active phase where you're taking actions in response to the incident. Now, as we've discussed your first priority should be containing the damage caused by the…
Contents
-
-
-
-
-
-
-
(Locked)
Build an incident response program4m 13s
-
(Locked)
Creating an incident response team2m 15s
-
(Locked)
Incident communications plan2m 42s
-
(Locked)
Incident identification4m 26s
-
(Locked)
Escalation and notification2m 29s
-
(Locked)
Mitigation2m 22s
-
(Locked)
Containment techniques3m
-
(Locked)
Incident eradication and recovery5m 28s
-
(Locked)
Validation2m 24s
-
(Locked)
Post-incident activities3m 50s
-
(Locked)
Incident response exercises1m 37s
-
(Locked)
-
-
-