From the course: CISSP Cert Prep (2021): 7 Security Operations
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Validation
From the course: CISSP Cert Prep (2021): 7 Security Operations
Validation
- [Narrator] Eradication and recovery processes are complex and they require different activities depending upon the nature of the compromise. Therefore, it's very important that you validate your work before declaring an incident resolved. Validation is the final activity that you should undertake during the containment eradication and recovery phase before moving on to post-incident activities. Let's take a look at the activities that should take place during validation. First, check the security of every system on your network with a particular focus on those that were involved in the compromise. Now, that might sound like a tremendous amount of work but you can automate this with the help of configuration management tools. You'll want to pay particular attention to ensuring that all of your systems are patched with current security updates, and they're protected against known vulnerabilities. In addition to validating…
Contents
-
-
-
-
-
-
-
(Locked)
Build an incident response program4m 13s
-
(Locked)
Creating an incident response team2m 15s
-
(Locked)
Incident communications plan2m 42s
-
(Locked)
Incident identification4m 26s
-
(Locked)
Escalation and notification2m 29s
-
(Locked)
Mitigation2m 22s
-
(Locked)
Containment techniques3m
-
(Locked)
Incident eradication and recovery5m 28s
-
(Locked)
Validation2m 24s
-
(Locked)
Post-incident activities3m 50s
-
(Locked)
Incident response exercises1m 37s
-
(Locked)
-
-
-