Chapter 4Incident Response and Recovery (Domain 4)
THIS CHAPTER COVERS THE FOLLOWING SSCP EXAM OBJECTIVES:
- 4.1 Support incident lifecycle
- Preparation
- Detection, analysis, and escalation
- Containment
- Eradication
- Recovery
- Lessons learned/implementation of new countermeasure
- 4.2 Understand and support forensic investigations
- Legal and ethical principles
- Evidence handling (e.g., first responder, triage, chain of custody, preservation of scene)
- 4.3 Understand and support Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) activities ...
Get (ISC)2 SSCP Systems Security Certified Practitioner Official Practice Tests now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.