Chapter 13

Disaster Recovery and Incident Response

The Following CompTIA Security+ Exam Objectives Are Covered in This Chapter:

  • 2.3 Execute appropriate incident response procedures.
    • Basic forensic procedures: Order of volatility; Capture system image; Network traffic and logs; Capture video; Record time offset; Take hashes; Screenshots; Witnesses; Track man hours and expense
    • Damage and loss control
    • Chain of custody
    • Incident response: first responder
  • 2.5 Compare and contrast aspects of business continuity.
    • Business impact analysis
    • Removing single points of failure
    • Business continuity planning and testing
    • Continuity of operations
    • Disaster recovery
    • IT contingency planning
    • Succession planning
  • 2.7 Execute disaster recovery plans and procedures. ...

Get CompTIA® Security+™ Deluxe Study Guide, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.