From the course: CISSP Cert Prep (2021): 7 Security Operations
Unlock the full course today
Join today to access over 22,500 courses taught by industry experts or purchase this course individually.
Incident response exercises
From the course: CISSP Cert Prep (2021): 7 Security Operations
Incident response exercises
- [Instructor] Hopefully, you don't need to activate your incident response plan on a frequent basis. However, it's still important to keep the plan in front of team members, to provide them with the opportunity to keep their skills sharp. Let's talk about a few ways that you can exercise and test your incident response process. Read-throughs are the simplest form of incident response plan testing. They're also known as checklist reviews. In this approach, incident response team leaders distribute copies of the current plan to all personnel involved in incident response efforts and they ask them to review the procedures. Team members then provide feedback about any updates needed to keep the plan current. Walk-throughs go a step further, and involve getting everyone together to review the plan at the same time. For this reason, the walkthrough is also known as a tabletop exercise. Walk-throughs achieve the same result…
Contents
-
-
-
-
-
-
-
Build an incident response program4m 13s
-
Creating an incident response team2m 15s
-
Incident communications plan2m 42s
-
Incident identification4m 26s
-
Escalation and notification2m 29s
-
Mitigation2m 22s
-
Containment techniques3m
-
Incident eradication and recovery5m 28s
-
Validation2m 24s
-
Post-incident activities3m 50s
-
Incident response exercises1m 37s
-
-
-
-