Chapter 14

Incident Management

THE CISSP EXAM TOPICS COVERED IN THIS CHAPTER INCLUDE:

7. Security Operations
A. Manage Incident Response
A.1 Detection
A.2 Response
A.3 Reporting
A.4 Recovery
A.5 Remediation and review (e.g., root cause analysis)
D. Implement preventative measures against attacks (e.g. malicious code, zero-day exploit, denial of service)
G. Understand system resilience and fault tolerance requirements

The Security Operations domain for the CISSP certification exam includes several objectives directly related to incident management. Effective incident management helps an organization respond appropriately when attacks occur to limit the scope of an attack. Incident management is an ongoing process and can help reduce future ...

Get CISSP: Certified Information Systems Security Professional Study Guide, 6th Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.