O'Reilly logo

CompTIA Security+ Study Guide: SY0-401, 6th Edition by Chuck Easttom, Emmett Dulaney

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 12

Disaster Recovery and Incident Response

THE FOLLOWING COMPTIA SECURITY+ EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER:

images 2.4 Given a scenario, implement basic forensic procedures.

  • Order of volatility
  • Capture system image
  • Network traffic and logs
  • Capture video
  • Record time offset
  • Take hashes
  • Screenshots
  • Witnesses
  • Track man hours and expense
  • Chain of custody
  • Big Data analysis

images 2.5 Summarize common incident response procedures.

  • Preparation
  • Incident identification
  • Escalation and notification
  • Mitigation steps
  • Lessons learned
  • Reporting
  • Recovery/reconstitution ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required