Join Mike Chapple for an in-depth discussion in this video Lessons learned and reporting, part of CompTIA Security+ (SY0-501) Cert Prep: 5 Risk Management.
- [Voiceover] Once the incident response team…returns the organization to a normal operating state…all too often, the response effort ends…without completing an important final step:…conducting a Lessons Learned session…and writing up the results in an incident report.…The Lessons Learned process is designed to provide…everyone involved in the incident response effort…an opportunity to reflect on their individual role…in the incident and the team's response overall.…
It's an opportunity to improve…the processes and technologies used in incident response…to better respond to future security crises.…The most common way to conduct Lessons Learned…is to gather everyone in the same room…or connect them via teleconference or videoconference…and ask a trained facilitator…to lead a Lessons Learned session.…Ideally, this facilitator should have played…no role in the incident response,…leaving him or her with no preconceived notions…about the response.…
The facilitator should be a neutral party…who simply helps guide the conversation.…
Author
Mike Chapple
Released
12/1/2017- Security controls and policies
- Risk assessment and management
- Managing vendor relationships
- Social network security
- Security in the hiring process
- Measuring security education
- Business continuity planning and controls
- Preparing for incident response
- Network and software forensics
- Data security policies and roles
- Privacy assessments
Skill Level Beginner
Duration
Views
-
Introduction
-
Welcome1m 6s
-
-
1. Controls and Risks
-
Security controls6m 16s
-
Security policy framework4m 53s
-
Security policies5m 16s
-
Risk assessment5m 22s
-
Quantitative risk assessment6m 41s
-
Risk management3m 53s
-
-
2. Supply Chain Risk
-
Vendor agreements3m 40s
-
3. Personnel Management
-
Employee termination process2m 42s
-
4. Awareness and Training
-
Security education5m 17s
-
Compliance training3m 27s
-
User habits3m 20s
-
User-based threats2m 3s
-
-
5. Business Continuity and Disaster Recovery
-
Business continuity planning3m 27s
-
Business continuity controls3m 50s
-
Disaster recovery4m 26s
-
Backups9m 14s
-
Disaster recovery sites3m 26s
-
Testing BC/DR plans3m 42s
-
After action reports3m 12s
-
-
6. Incident Response
-
Security incidents3m 6s
-
Escalation and notification2m 42s
-
Incident mitigation2m 46s
-
Eradication and recovery2m 20s
-
-
7. Forensics
-
Conducting investigations4m 21s
-
Evidence types3m 51s
-
Introduction to forensics4m 24s
-
System and file forensics4m 26s
-
Network forensics4m 19s
-
Software forensics2m 52s
-
Embedded device forensics2m 50s
-
Chain of custody2m 13s
-
-
8. Data Security and Privacy
-
Understanding data security3m 13s
-
Data security policies5m 43s
-
Data security roles3m 8s
-
Data privacy4m 30s
-
Limiting data collection3m 19s
-
Privacy assessments3m 38s
-
-
Conclusion
-
Next steps39s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Lessons learned and reporting