From the course: CompTIA CySA+ (CS0-002) Cert Prep: 6 Incident Response
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Escalation and notification
From the course: CompTIA CySA+ (CS0-002) Cert Prep: 6 Incident Response
Escalation and notification
- [Instructor] When security professionals detect a potential incident, they should immediately swing into first-responder mode, acting to isolate affected systems and contain the damage caused by the incident. As soon as they've handled the immediate emergency, they should move into the incident escalation and notification process. The escalation and notification process has several important objectives. First, it evaluates the severity of the incident based upon the incident's potential impact on the organization's security. Second, it escalates the incident to an appropriate level of incident response. And finally, it notifies management and other stakeholders of the incident and plans to resolve it. After containing an incident, responders should begin a triaging process that identifies the potential impact of the incident. The process for rating incident severity should be found in the organization's incident response…
Contents
-
-
-
-
(Locked)
Build an incident response program4m 33s
-
(Locked)
Creating an incident response team2m 25s
-
(Locked)
Incident communications plan2m 51s
-
(Locked)
Incident identification3m 50s
-
(Locked)
Escalation and notification2m 42s
-
(Locked)
Mitigation2m 46s
-
(Locked)
Containment techniques3m 21s
-
(Locked)
Incident eradication and recovery4m 38s
-
(Locked)
Validation2m 40s
-
(Locked)
Post-incident activities4m 2s
-
(Locked)
-
-
-