CompTIA Security+ SY0-601 Exam Cram, 6th Edition

Chapter 27 Incident Response

This chapter covers the following official Security+ exam objective:

▶ 4.2 Summarize the importance of policies, processes, and procedures for incident response.

Essential Terms and Components

▶ incident response plan
▶ incident response process
▶ tabletop exercise
▶ MITRE ATT&CK
▶ Diamond Model of Intrusion Analysis
▶ cyber kill chain
▶ disaster recovery planning (DRP)
▶ business continuity planning (BCP)
▶ continuity of operations planning (COOP)
▶ incident response team (IRT)

Attack Frameworks

Many incidents occur inadvertently, but others are malicious attacks (either internal or external). Such incidents happen in most organizations, no matter how strict their security policies and procedures. Planning ...

Get CompTIA Security+ SY0-601 Exam Cram, 6th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CompTIA Security+ SY0-601 Exam Cram, 6th Edition by Diane Barrett, Martin M. Weiss

Chapter 27

Incident Response

Attack Frameworks

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly