Video Description

This lesson focuses on incident response. Incident management centers on the following:

• Events: an observable change in state
• Alerts: flagged events to determine if something has taken place earlier
• Incidents: adverse impact to a system or network. Types include:
  o DoS
  o Malicious code
  o Unauthorized access
  o Inappropriate usage

When an incident occurs, it is important that the resulting response is consistent and well controlled. This is a four-step process:

• Preparation
• Detection and analysis
• Containment, eradication and recovery
• Post-incident review

This lesson also briefly touches upon problem management, which occurs when there is an incident with an unknown cause.

Course Modules

ISC2 Certified Secure Software Life-cycle Professional (CSSLP)