17

Security Operations

This chapter will focus on the actual mechanics of security operations, how to manage cybersecurity incidents, and the steps involved in incident resolution.

The chapter will start with key aspects of managing security incidents and take you through the incident response cycle, focusing on detection, response, mitigation, eradication, and recovery. You will also examine how to conduct a “no blame” lessons learned review and some points on reporting and communication.

You will then learn how to operate and maintain common security defenses and review the practicalities of vulnerability management and change management approaches. While the previous chapter focused on the policy and planning side of things, this chapter ...

Get Certified Information Systems Security Professional (CISSP) Exam Guide now with the O’Reilly learning platform.
