Chapter 29
Applying Mitigation Techniques or Controls to Secure an Environment
This chapter covers the following topics related to Objective 4.4 (Given an incident, apply mitigation techniques or controls to secure an environment) of the CompTIA Security+ SY0-601 certification exam:
Reconfigure endpoint security solutions
    Application approved list
    Application block list/deny list
    Quarantine
Configuration changes
    Firewall rules
    MDM
    DLP
    Content filter/URL filter
    Update or revoke certificates
Isolation
Containment
Segmentation
SOAR
    Runbooks
    Playbooks
After a security incident has been stabilized, you, as security administrator, should examine lessons learned to prevent reoccurrences of similar incidents. This includes patching server vulnerabilities, ...