Incident Response and Recovery
This chapter includes questions from the following objectives:
• 4.1 Support incident lifecycle
• 4.2 Understand and support forensic investigations
• 4.3 Understand and support Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) activities
This chapter contains a complete set of questions and answers regarding support of an incident’s lifecycle (preparation, detection, analysis and escalation, containment, eradication, recovery, lessons learned/implementation of new countermeasure), understanding fault tolerance (RAID, failover clusters, load balancing, redundant connections), and backups. It also contains questions and answers about understanding BCP and DRP activities (BIA, DRP, ...