Video Description

This lesson covers incident response policies which include: · Who does what · Prioritization · "Do the thinking for you' · Have both broad and fine details When drafting a security policy, it is important to consider what is permitted and not permitted on your network. Remember, it is not an incident if nothing is violated. The policy needs to address the following: · Network traffic · Host applications · Web, e mail, FTP · User account activity · Administrator account activity · Guest/other account activity In case there is lack of policy, should an incident occur, notify senior management, form an Ad hoc team and get the necessary assistance.

Course Modules

Incident Response & Advanced Forensics