Chapter 7
Security Operations
This chapter covers the following topics:
Investigations: Concepts discussed include forensic and digital investigations and procedures, reporting and documentation, investigative techniques, evidence collection and handling, and digital forensics tools, tactics, and procedures.
Logging and Monitoring Activities: Concepts discussed include audit and review, intrusion detection and prevention, security information and event management, continuous monitoring, egress monitoring, log management, threat intelligence, and user and entity behavior analytics (UEBA).
Configuration and Change Management: Concepts discussed include configuration management and change management, resource provisioning, baselining, and automation. ...