Join Mike Chapple for an in-depth discussion in this video Lessons learned and reporting, part of CompTIA Security+ (SY0-501) Cert Prep: 5 Risk Management.
- [Voiceover] Once the incident response team…returns the organization to a normal operating state…all too often, the response effort ends…without completing an important final step:…conducting a Lessons Learned session…and writing up the results in an incident report.…The Lessons Learned process is designed to provide…everyone involved in the incident response effort…an opportunity to reflect on their individual role…in the incident and the team's response overall.…
It's an opportunity to improve…the processes and technologies used in incident response…to better respond to future security crises.…The most common way to conduct Lessons Learned…is to gather everyone in the same room…or connect them via teleconference or videoconference…and ask a trained facilitator…to lead a Lessons Learned session.…Ideally, this facilitator should have played…no role in the incident response,…leaving him or her with no preconceived notions…about the response.…
The facilitator should be a neutral party…who simply helps guide the conversation.…
Author
Mike Chapple
Released
12/1/2017Looking for study partners?
Join the CompTIA Security+ SY0-501 Exam study groupEarning the CompTIA Security+ certification demonstrates to potential employers that you have a foundational understanding of network security and risk management concepts. This course—the fifth installment in a series readying you for version SY0-501 of the CompTIA Security+ exam—prepares you to tackle the Risk Management domain of the exam. Instructor Mike Chapple—an IT leader with over 15 years of experience—covers key topics, including risk assessment; business impact analysis concepts; personnel management; security education and compliance training; disaster recovery; and preparing for incident response. Visit certmike.com to join one of his free study groups.
We are a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Security controls and policies
- Risk assessment and management
- Managing vendor relationships
- Social network security
- Security in the hiring process
- Measuring security education
- Business continuity planning and controls
- Preparing for incident response
- Network and software forensics
- Data security policies and roles
- Privacy assessments
Skill Level Beginner
Duration
Views
-
Introduction
-
Welcome1m 6s
-
-
1. Controls and Risks
-
Security controls6m 16s
-
Security policy framework4m 53s
-
Security policies5m 16s
-
Risk assessment5m 22s
-
Quantitative risk assessment6m 41s
-
Risk management3m 53s
-
-
2. Supply Chain Risk
-
Vendor agreements3m 40s
-
3. Personnel Management
-
Employee termination process2m 42s
-
4. Awareness and Training
-
Security education5m 17s
-
Compliance training3m 27s
-
User habits3m 20s
-
User-based threats2m 3s
-
-
5. Business Continuity and Disaster Recovery
-
Business continuity planning3m 27s
-
Business continuity controls3m 50s
-
Disaster recovery4m 26s
-
Backups9m 14s
-
Disaster recovery sites3m 26s
-
Testing BC/DR plans3m 42s
-
After action reports3m 12s
-
-
6. Incident Response
-
Security incidents3m 6s
-
Escalation and notification2m 42s
-
Incident mitigation2m 46s
-
Eradication and recovery2m 20s
-
-
7. Forensics
-
Conducting investigations4m 21s
-
Evidence types3m 51s
-
Introduction to forensics4m 24s
-
System and file forensics4m 26s
-
Network forensics4m 19s
-
Software forensics2m 52s
-
Embedded device forensics2m 50s
-
Chain of custody2m 13s
-
-
8. Data Security and Privacy
-
Understanding data security3m 13s
-
Data security policies5m 43s
-
Data security roles3m 8s
-
Data privacy4m 30s
-
Limiting data collection3m 19s
-
Privacy assessments3m 38s
-
-
Conclusion
-
Next steps39s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Lessons learned and reporting