From the course: ISC2 Systems Security Certified Practitioner (SSCP) (2024) Cert Prep
Join today to access over 24,900 courses taught by industry experts.
Post-incident activities
From the course: ISC2 Systems Security Certified Practitioner (SSCP) (2024) Cert Prep
Post-incident activities
- [Instructor] Once the incident response team returns the organization to a normal operating state, all too often the response effort ends without completing the important final step, post-incident activities. Let's talk about five important post-incident activities: the lessons learned process, documentation, evidence retention, the generation of indicators of compromise, and the deployment of new countermeasures. The lessons learned process is designed to provide everyone involved in the incident response effort with an opportunity to reflect on their individual role in the incident and the team's overall response. It's an opportunity to improve the processes and technologies used in incident response to better respond to future security crises. The most common way to conduct a lessons learned session is to gather everyone in the same room or connect them by video conference or telephone, and ask a trained facilitator to lead a lessons learned session. Now, ideally, this…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- (Locked) Build an incident response program4m 13s
- (Locked) Creating an incident response team2m 34s
- (Locked) Incident communications plan2m 44s
- (Locked) Incident detection4m 30s
- (Locked) Escalation and notification2m 30s
- (Locked) Mitigation2m 25s
- (Locked) Containment techniques3m
- (Locked) Incident eradication and recovery5m 37s
- (Locked) Validation2m 24s
- (Locked) Post-incident activities4m 16s
- (Locked) Incident response exercises1m 59s
- (Locked)
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-