4 Incident Response

With a grasp on what you are responsible for from an AWS customer perspective, you can now turn to the pillars that will be tested in the exam. The first pillar is incident response (IR). Knowing how to prepare and then react, in both a manual and an automated fashion, when something occurs in one of your AWS accounts is necessary—not only from the exam perspective but also in real life.

As you will see in this chapter, preparation is crucial to IR. This includes gathering the correct team members responsible for participating in any IR activities. Preparation also includes creating (and testing) runbooks and playbooks that can help team members know the exact set of instructions to follow and cut down on the response time ...

Get AWS Certified Security – Specialty (SCS-C02) Exam Guide - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

AWS Certified Security – Specialty (SCS-C02) Exam Guide - Second Edition by Adam Book, Stuart Scott

4

Incident Response

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly