After completing this video, the learner will understand the incident recovery and reconstitution process, including incident remediation.
The incident mitigation process…brings an organization to a semi-stable point…in time where the security threat has passed,…and the organization has resumed business operations…if they were otherwise disrupted.…Next, incident responders enter the recovery…and reconstitution phase of incident response.…The goal of this phase is to remove any effects…of the incident and return the organization…to normal operating status,…with all technology systems in place,…and protected against future attacks.…
This phase includes finalizing the technical response…to the incident.…The details of this technical response will vary,…depending upon the type of the incident.…Some of the actions you may need to take…during the incident recovery effort,…include rebuilding compromised systems,…removing malware from infected hosts,…disabling breached user accounts,…and restoring corrupted or deleted data.…These steps help administrators restore the company…to its normal operating state.…
This isn't the only important technical process…that takes place as an incident response wraps up, however.…
Author
Mike Chapple
Released
5/17/2016- Implementing security controls and policies
- Performing a risk assessment
- Understanding the five risk management actions
- Managing third-party relationships (vendors, etc.)
- Mitigating risk with change management, audits and assessments, and more
- Building an incident response program
- Understanding digital forensics
- Providing security and compliance training
- Ensuring physical security
- Planning for business continuity and disaster recovery
- Matching controls to security goals
Skill Level Intermediate
Duration
Views
-
Introduction
-
Welcome1m 11s
-
-
1. Controls and Risks
-
Security policy framework4m 40s
-
Security policies5m 16s
-
Risk assessment5m 1s
-
Quantitative risk assessment6m 41s
-
Risk management3m 53s
-
2. Third-Party Relationships
-
Vendor agreements3m 34s
-
3. Risk Mitigation Strategies
-
Change management4m 6s
-
Audits and assessments5m 44s
-
Data loss prevention (DLP)6m 34s
-
-
4. Incident Response
-
Incident identification4m 2s
-
Escalation and notification2m 42s
-
Incident mitigation2m 46s
-
Recovery and reconstitution2m 20s
-
5. Forensics
-
Computer forensics4m 6s
-
System and file forensics4m 26s
-
Network forensics4m 19s
-
Chain of custody2m 13s
-
-
6. Awareness and Training
-
Security education4m 44s
-
Compliance training3m 27s
-
User habits2m 47s
-
User-based threats2m 4s
-
-
7. Physical Security and Environmental Controls
-
8. Business Continuity and Disaster Recovery
-
Business continuity planning2m 54s
-
Business continuity controls3m 50s
-
Disaster recovery4m 11s
-
Backups8m 49s
-
Disaster recovery sites2m 59s
-
Testing BC/DR plans3m 42s
-
-
9. Matching Controls to Security Goals
-
Confidentiality controls2m 42s
-
Integrity controls4m 53s
-
Availability controls2m 6s
-
Safety controls2m 25s
-
-
Conclusion
-
What's next?42s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Recovery and reconstitution