Once you have an incident response plan in place and a team prepared, the incident response process then enters a state of perpetual monitoring: watching for signs that an incident is taking place or has already occurred. In this video, learn about the incident identification process, including incident detection, first responder responsibilities, and the process of isolating affected systems through quarantine or device removal.
- [Instructor] Once you have an incident response plan in place and a team prepared, the incident response process then enters a state of perpetual monitoring, watching for signs that an incident is taking place or has already occurred. There are many different ways that an organization might identify a security incident. The key to successful incident identification is having a robust security monitoring infrastructure. Data is crucial to incident detection and organizations have a responsibility to collect, analyze, and retain security information.
There are many different information sources that may contribute data crucial to identifying and analyzing a possible security incident. These include intrusion detection and prevention systems, firewalls, authentication systems, system integrity monitors, vulnerability scanners, system event logs, NetFlow connection records, and anti-malware packages, among many other sources. If IT systems do one thing well, it's generating massive amounts of log information.
Security professionals are responsible for collecting…
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- Conducting investigations
- Reporting and documenting incidents
- Continuous security monitoring
- Preventing data loss and theft
- Asset management
- Change management
- Virtualization security
- Security principles: need to know, separation of duties, and more
- Building an incident response program
- Personnel safety and emergency management
Skill Level Intermediate
1. Investigations and Forensics
2. Logging and Monitoring
3. Resource Security
4. Security Principles
5. Incident Management
6. Personnel Safety