CompTIA Security+ SY0-601 Exam Cram, 6th Edition

Chapter 29 Incident Mitigation

This chapter covers the following official Security+ exam objective:

▶ 4.4 Given an incident, apply mitigation techniques or controls to secure an environment.

Essential Terms and Components

▶ application allow list
▶ application block list/deny list
▶ quarantine
▶ isolate
▶ containment
▶ segmentation
▶ secure orchestration, automation, and response (SOAR)
▶ runbook
▶ playbook

Applying techniques to mitigate an incident is a critical part of the incident response process. Recall from Chapter 27, “Incident Response,” the primary phases of the incident response process. Applying mitigation techniques or controls in order to secure an environment is key to the containment, eradication, and recovery phases. ...

Get CompTIA Security+ SY0-601 Exam Cram, 6th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CompTIA Security+ SY0-601 Exam Cram, 6th Edition by Diane Barrett, Martin M. Weiss

Chapter 29

Incident Mitigation

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly