Chapter 15
Incident Handling
This chapter covers the following topics:
Events and Incidents: This section discusses benign and malicious observables.
Incident Response: This section discusses the four phases of incident response, as defined in NIST SP 800-61.
Attack Frameworks and Concepts: This section covers conceptual tools that help in analyzing attacks and attackers.
Evidence and Artifacts: This section discusses how to understand and protect forensic information.
Compliance Frameworks: This section discusses common regulations, their purposes, and notification requirements.
Computer security incidents range from being relatively minor, such as policy noncompliance, to catastrophic cyberattacks. As much as we strive to prevent incidents, ...
Get Cisco Certified Support Technician (CCST) Cybersecurity 100-160 Official Cert Guide now with the O’Reilly learning platform.