As the full incident response team assembles, they move from the isolation and quarantine strategy used by first responders into a full incident mitigation mode designed to control the damage and loss caused to the organization by performing a full range of incident containment activities. In this video, learn about the process of incident mitigation, including damage and loss control.
- [Narrator] As the full incident response team assembles they move from the isolation and quarantine strategy used by first responders into a full incident mitigation mode. The goal of this mitigation phase is controlling the damage and loss caused to the organization by performing a full range of incident containment activities. The nature of those activities will vary based upon the severity of the incident. The National Institute for Standards and Technology suggests six criteria that responders may use when evaluating a potential containment strategy.
First, responders should consider the potential for damage and theft of resources during the incident. Second, they should evaluate the need for evidence preservation and the effect that the strategy might have on the ability to preserve evidence. Third, responders should evaluate service availability requirements and the impact of different containment strategies on that service availability. Fourth, responders must understand the time and resources required…
Released 4/30/2018
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- Conducting investigations
- Forensics
- Reporting and documenting incidents
- Continuous security monitoring
- Preventing data loss and theft
- Asset management
- Change management
- Virtualization security
- Security principles: need to know, separation of duties, and more
- Building an incident response program
- Personnel safety and emergency management
Skill Level Intermediate
Introduction
- Welcome (2m 43s)
1. Investigations and Forensics
- Evidence types (3m 51s)
- System and file forensics (4m 17s)
- Network forensics (4m 19s)
- Software forensics (2m 52s)
- Embedded device forensics (2m 50s)
- Chain of custody (2m 13s)
2. Logging and Monitoring
- Data loss prevention (6m 34s)
3. Resource Security
- Physical asset management (3m 12s)
- Virtualization (4m 20s)
- Virtualization security (6m 20s)
- Cloud computing models (3m 44s)
- Public cloud tiers (5m 35s)
4. Security Principles
5. Incident Management
- Incident identification (4m 2s)
- Escalation and notification (2m 42s)
- Mitigation (2m 46s)
- Recovery and reconstitution (2m 20s)
6. Personnel Safety
- Employee safety (2m 26s)
- Emergency management (2m 14s)
Conclusion
- What's next? (43s)
Video: Mitigation