From the course: CISSP Cert Prep (2021): 7 Security Operations
Unlock the full course today
Join today to access over 22,400 courses taught by industry experts or purchase this course individually.
Mitigation
From the course: CISSP Cert Prep (2021): 7 Security Operations
Mitigation
- [Instructor] As the full incident response team assembles, they move from the isolation and quarantine strategy used by first responders into a full incident mitigation mode. The goal of this next step is controlling the damage and loss caused to the organization by performing a full range of incident containment activities. The nature of those activities will vary based upon the severity of the incident. The National Institute for Standards and Technology suggests six criteria that responders may use when evaluating a potential containment strategy. First, they should look at the potential for damage and theft of resources. Second, they should look at the need for evidence preservation and the effect that the strategy might have on the ability to preserve evidence. Third, they should look at service availability requirements and the impact of a containment strategy on that availability. Fourth, they need to look at…
Contents
-
-
-
-
-
-
-
Build an incident response program4m 13s
-
Creating an incident response team2m 15s
-
Incident communications plan2m 42s
-
Incident identification4m 26s
-
Escalation and notification2m 29s
-
Mitigation2m 22s
-
Containment techniques3m
-
Incident eradication and recovery5m 28s
-
Validation2m 24s
-
Post-incident activities3m 50s
-
Incident response exercises1m 37s
-
-
-
-