As soon as incident responders have handled an immediate emergency, they should move into the escalation and notification process. In this video, learn about proper incident escalation and notification procedures.
- [Instructor] When security professionals detect a potential incident, they should immediately swing into first responder mode, acting to isolate affected systems and contain the damage caused by the incident. As soon as they've handled the immediate emergency, they should move into the incident escalation and notification process.

The escalation and notification process has several important objectives. First, it evaluates the severity of the incident based upon the incident's potential impact on the organization's security. Second, it escalates the incident to an appropriate level of incident response. And finally, it notifies management and other stakeholders of the incident and plans to resolve it.

After containing an incident, responders should begin a triaging process that identifies the potential impact of the incident. The process for rating incident severity should be found in the organization's incident response procedures. One common scheme uses a three-tiered scale of low impact, moderate impact and high impact incidents.
Released: 5/21/2018

Want more CySA+ test prep tips? Visit certmike.com to join Mike's free study group.
- Identifying and classifying security incidents
- Determining incident severity
- Building an incident response program
- Notification, mitigation, recording, and reporting
- Incident symptoms
- Conducting forensic investigations
- Password, network, software, and device forensics
Skill Level Intermediate
Introduction
- Welcome (3m 32s)

1. Assessing Incidents
- Threat classification (4m 5s)

2. Incident Response Process
- Incident communications plan (2m 51s)
- Incident identification (4m 2s)
- Escalation and notification (2m 42s)
- Mitigation (2m 46s)
- Containment techniques (3m 21s)
- Validation (2m 20s)

3. Incident Symptoms
- Network symptoms (4m 2s)
- Endpoint symptoms (2m 55s)
- Application symptoms (2m 20s)

4. Forensic Investigations
- Evidence types (3m 51s)
- System and file forensics (4m 17s)
- Creating forensic images (5m 36s)
- Digital forensics toolkit (3m 13s)
- Password forensics (8m 9s)
- Network forensics (4m 19s)
- Software forensics (3m 32s)
- Mobile device forensics (1m 32s)
- Embedded device forensics (2m 50s)
- Chain of custody (2m 13s)

Next Steps
- Next steps (43s)