Determining the Impact of Incidents

This chapter includes questions on the following topics:

•   Criteria for classifying threats to the network

•   How to determine the severity level of an incident

•   Best practices for prioritizing security incident response

•   The most common types of sensitive and protected data

Incident response is very rarely, if ever, a straightforward activity. Like any other job where you are “putting out fires,” the job of incident response involves constantly measuring severity and then acting accordingly. That is to say, you fight the fire you determine needs your attention first—you act based on priority.

Prioritizing an incident is a product of several factors, such as the scope of impact (including ...
