Okay, so that's gonna wrap up Chapter 77 down, one more to go. So in security operations, we talk about incident response. And the fact with incident response is that our focus is on
restoring operations as opposed to forensics, where our main goal really is to collect evidence in such a way that it's admissible in court.
Ultimately with the goal of prosecuting the attacker. Ah, we talked about how we collect evidence, the stages, the seven stages of evidence collection or friends, the forensic process. We talked about keeping evidence admissible in court and some of the forensic guidelines.
We talked about the various types of evidence, best evidence, direct evidence and so on.
And then the second part of this chapter, we focused on ah, fault, tolerance and redundancy. We talked about spare devices. We talked about raid, clustering. And then we also talked about some ideas like remote journaling and electronic vaulting.
Um, again, most books, not most books, but many books will also put business continuity here. And you could see that it goes right hand in hand with redundancy and ideas.
But we just felt like it was a better a better strategy to cover it in Chapter one. So, yes, this is also a short chapter, but it has good information. And once again, even if my organization may not match a book that you're using to supplement
exactly, I can assure you we cover the material that's necessary. So let's move on to Chapter eight.