Chapter 4 Domain 4.0: Incident Response

EXAM OBJECTIVES COVERED IN THIS CHAPTER:

  • 4.1 Explain the importance of the incident response process.
    • Communication plan
    • Response coordination with relevant entities
    • Factors contributing to data criticality
  • 4.2 Given a scenario, apply the appropriate incident response procedure.
    • Preparation
    • Detection and analysis
    • Containment
    • Eradication and recovery
    • Post-incident activities
  • 4.3 Given an incident, analyze potential indicators of compromise.
    • Network-related
    • Host-related
    • Application-related
  • 4.4 Given a scenario, utilize basic digital forensics techniques.
    • Network
    • Endpoint
    • Mobile
    • Cloud
    • Virtualization
    • Legal hold
    • Procedures
    • Hashing
    • Carving
    • Data acquisition
  1. If Lucca wants to validate the application ...

Get CompTIA CySA+ Practice Tests, 2nd Edition now with the O’Reilly learning platform.