After completing this video, the learner will understand the incident identification process, including incident detection, first responder responsibilities and the process of isolating affected systems through quarantine or device removal.
- [Voiceover] Once you've had an incident response plan…in place and a team prepared,…the incident response process…then enters a state of perpetual monitoring.…Watching for signs that an incident is taking place…or has already occurred.…There are many different ways…that an organization might identify a security incident.…The key to successful incident identification…is having a robust security monitoring infrastructure.…Data is crucial to incident detection.…And organizations have a responsibility to collect,…analyze, and retain security information.…
There are many different information sources…that may contribute data crucial to identifying…and analyzing a possible security incident.…These include:…intrusion detection and prevention systems,…firewalls, authentication systems,…system integrity monitors,…vulnerability scanners,…system event logs,…NetFlow connection records…and anti-malware packages,…among many other sources.…If IT systems do one thing well,…it's generating massive amounts of log information.…
Security professionals are responsible for collecting…
- Implementing security controls and policies
- Performing a risk assessment
- Understanding the five risk management actions
- Managing third-party relationships (vendors, etc.)
- Mitigating risk with change management, audits and assessments, and more
- Building an incident response program
- Understanding digital forensics
- Providing security and compliance training
- Ensuring physical security
- Planning for business continuity and disaster recovery
- Matching controls to security goals
Skill Level Intermediate
1. Controls and Risks
2. Third-Party Relationships
Vendor agreements3m 34s
3. Risk Mitigation Strategies
4. Incident Response
6. Awareness and Training
7. Physical Security and Environmental Controls
8. Business Continuity and Disaster Recovery
9. Matching Controls to Security Goals
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.