Week 12
Read Chapter 11
Chapter 12 – Dealing with incident response procedures
Action – Ian’s Book Key Elements
Read pages 365-393 taking notes
Complete all 30 review questions
For any review questions that are wrong or missing, go back into the chapter and read those areas
Action – Videos Professor Messer

https://www.professormesser.com/security-plus/sy0-601/sy0-601-video/sy0-601-comptia-security-plus-course/

2.5 Resilience

  • Disk Redundancy
  • Network Redundancy
  • Power Redundancy
  • Replication
  • Backup Types
  • Resiliency

2.7 Secure Data Destruction
4.2 Incident Response

  • Incident Response Process
  • Incident Response Planning
  • Attack Frameworks
Incident Response Procedures in order

  • Preparation
  • Identification
  • Containment
  • Eradication
  • Recovery
  • Lessons

Disaster Recovery Exercises

  • Tabletop Exercise
  • Structured Walkthrough
  • Simulation

Attack Frameworks

  • MITRE ATT&CK
  • Cyber Kill Chain
  • Diamond Model of Intrusion Analysis

Incident Response Team including

  • Roles and Responsibilities
  • Utilizing Data Sources to Support Investigations
  • Vulnerability Scans
  • SIEM
  • SOAR
  • Dashboards
  • Log Files
  • Log Managers
  • Metadata

Configuration Management
Network Segmentation

  • Isolation
  • Containment
  • Segmentation

Implementing Cybersecurity Resilience
RAID
Geographic Dispersal
Network Card Teaming
Load Balancers
Backup Types
Power
Replication
High Availability
Non-Persistence
Diversity
Secure Data Destruction in order
Paper – Burn, Pulp and Shredding
Media – Shredding, Pulverizing and Degaussing
Wiping/formatting