Incident Response Policies and Procedures Flashcards

1
Q

What is an incident?

A

An incident is an event that disrupts normal business operations. An incident response plan outlines the steps to take following the discovery and confirmation of an incident.

2
Q

Incident-response procedure

A

There are six steps:
Preparation
Identification
Containment
Eradication
Recovery
Lessons learned

3
Q

Preparation

A

Conduct training.
Conduct practice drills (mock data breaches).
Ensure all resources are approved and funded.

4
Q

Identification

A

Determine if there is a breach or violation of your security policy.

5
Q

Containment

A

Data preservation (drive seizure or copying).
Data integrity.
Chain of custody.

6
Q

Eradication

A

Use only for other types of breaches:

Determine root cause of breach.
Remove malware.

7
Q

Recovery

A

Reintroduce affected systems into production environment.
Re-imaging, restore from backup.
Monitor.

8
Q

Lessons learned

A

Discuss the breach.
What has the incident-response team learned after implementation of the incident-response plan?
What can the team do better next time?
