From the course: CISSP Cert Prep (2021): 7 Security Operations

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Mitigation

Mitigation

From the course: CISSP Cert Prep (2021): 7 Security Operations

Start my 1-month free trial

Mitigation

- [Instructor] As the full incident response team assembles, they move from the isolation and quarantine strategy used by first responders into a full incident mitigation mode. The goal of this next step is controlling the damage and loss caused to the organization by performing a full range of incident containment activities. The nature of those activities will vary based upon the severity of the incident. The National Institute for Standards and Technology suggests six criteria that responders may use when evaluating a potential containment strategy. First, they should look at the potential for damage and theft of resources. Second, they should look at the need for evidence preservation and the effect that the strategy might have on the ability to preserve evidence. Third, they should look at service availability requirements and the impact of a containment strategy on that availability. Fourth, they need to look at…

Contents