Chapter 11. Incident Response and Recovery
This chapter covers the following topics:
E-Discovery: This section covers electronic inventory and asset control, data retention policies, data recovery and storage, data ownership, data handling, and legal holds.
Data Breaches: This section describes detection and collection methods, mitigation approaches, recovery techniques, response processes, and disclosure handling.
Facilitate Incident Detection and Response: This section covers hunt teaming; heuristics; behavioral analytics; and establishing and reviewing system, audit, and security logs.
Incident and Emergency Response: Topics include chain of custody, forensic analysis of compromised systems, continuity of operations, disaster recovery, ...
Get CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide, Second Edition now with the O’Reilly learning platform.