The goal of the recovery and reconstitution phase of incident response is to remove any effects of the incident and return the organization to normal operating status with all technology systems in place and protected against future attacks. In this video, learn about the incident recovery and reconstitution process, including incident remediation.
- [Voiceover] The incident mitigation process…brings an organization to a semi-stable point in time.…Where the security threat has passed and the organization…has resumed business operations…if they were otherwise disrupted.…Next incident responders enter the recovery…and reconstitution phase of incident response.…The goal of this phase is to remove any effects…of the incident and return the organization…to normal operating status…with all technology systems in place…and protected against future attacks.…
This phase includes finalizing…the technical response to the incident.…The details of this technical response will vary…depending upon the type of the incident.…Some of the actions you may need to take…during the incident recovery effort…include rebuilding compromised systems,…removing malware from infected hosts,…disabling breached user accounts,…and restoring corrupted or deleted data.…These steps help administrators restore the company…to its normal operating state.…
This isn't the only important technical process…
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- Conducting investigations
- Reporting and documenting incidents
- Continuous security monitoring
- Preventing data loss and theft
- Asset management
- Change management
- Virtualization security
- Security principles: need to know, separation of duties, and more
- Building an incident response program
- Personnel safety and emergency management
Skill Level Intermediate
Insights from a Cybersecurity Professionalwith Mike Chapple32m 15s Intermediate
1. Investigations and Forensics
2. Logging and Monitoring
Data loss prevention6m 34s
3. Resource Security
4. Security Principles
5. Incident Management
6. Personnel Safety
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.