CHAPTER 16
Appropriate Incident Response Procedures
In this chapter you will learn:
• The major steps of the incident response cycle
• How to prepare for security incidents
• Incident detection and analysis techniques
• How to contain, or reduce the spread of, an incident
• How to eradicate and recover from an incident
• What to do post-incident
Predicting rain doesn’t count. Building arks does.
—Warren Buffett
Although we commonly use the terms interchangeably, there are subtle differences between an event, which is any occurrence that can be observed, verified, and documented, and an incident, which is one or more related negative events that compromise an organization’s security posture. Incident response is the process of negating ...
Get CompTIA CySA+ Cybersecurity Analyst Certification All-in-One Exam Guide, Second Edition (Exam CS0-002), 2nd Edition now with the O’Reilly learning platform.