This lesson focuses on incident response. Incident management centers on the following:

• Events: an observable change in state
• Alerts: events flagged for review to determine whether something has taken place earlier
• Incidents: an adverse impact on a system or network. Types include:
  o DoS
  o Malicious code
  o Unauthorized access
  o Inappropriate usage

When an incident occurs, it is important that the resulting response is consistent and well controlled. This is a four-step process:

• Preparation
• Detection and analysis
• Containment, eradication and recovery
• Post-incident review

This lesson also briefly touches upon problem management, which occurs when there is an incident with an unknown cause.