From the course: CCSP Cert Prep: 5 Cloud Security Operations Audio Review
Unlock the full course today
Join today to access over 22,700 courses taught by industry experts or purchase this course individually.
Incident management
From the course: CCSP Cert Prep: 5 Cloud Security Operations Audio Review
Incident management
- [Instructor] As much as we try build security controls that reduce the likelihood and impact of security incidents, bad things sometimes happen. In chapter eight, we talked about the controls that we can implement to manage security incidents better. First and foremost we need to have a structure in place to manage incidents. Having structure allows us to manage security incidents in a repeatable and organized fashion. The first step in incident response is identifying that an incident is taking place or took place. The SOC might identify a potential incident through security monitoring tools or we might be notified of an incident by an employee or even an external party. Once we identify an incident, we have to triage it and determine whether it requires escalation and the notification of the incident response team. Many of the incident reports that we receive aren't serious and don't require immediate attention. The…
Contents
-
-
-
(Locked)
Physical and logical infrastructure2m 54s
-
(Locked)
Physical and logical infrastructure: Q&A2m
-
(Locked)
Secure infrastructure operations2m 50s
-
(Locked)
Secure infrastructure operations: Q&A1m 18s
-
(Locked)
Network operations2m 36s
-
(Locked)
Network operations: Q&A1m 11s
-
(Locked)
Network security2m 28s
-
(Locked)
Network security: Q&A1m 51s
-
(Locked)
Security baselines and standards2m 32s
-
(Locked)
Security baselines and standards: Q&A1m 39s
-
(Locked)
Monitoring2m 11s
-
(Locked)
Monitoring: Q&A1m 37s
-
(Locked)
Threat assessment2m 10s
-
(Locked)
Threat assessment: Q&A1m 35s
-
(Locked)
Incident management1m 47s
-
(Locked)
Incident management: Q&A1m 23s
-
(Locked)
Investigations and forensics1m 51s
-
(Locked)
Investigations and forensics: Q&A1m 25s
-
(Locked)
-