Processes and methodologies Flashcards
What is a Incident Response Plan and what are the main four phases?
Preparation
No organization can spin up an effective incident response on a moment’s notice. A plan must be in place to both prevent and respond to events.
Detection and analysis
The second phase of IR is to determine whether an incident occurred, its severity, and its type.
Containment and eradication
The purpose of the containment phase is to halt the effects of an incident before it can cause further damage.
Post-incident recovery
A lessons learned meeting involving all relevant parties should be mandatory after a major incident and desirable after less severe incidents with the goal of improving security as a whole and incident handling in particular.
What is ITIL?
Information Technology Infrastructure Library is applied in various organizations and industries worldwide. It provides a comprehensive framework for managing IT services and aligning them with business objectives. Here are some areas where ITIL is commonly applied:
- IT Service Providers
- Enterprise IT Departments
- Service Desk and IT Support
- IT Operations
- IT Governance
- Outsourcing and Vendor Management
- IT Project Management
- Continuous Service Improvement
What are alternatives to ITIL?
- COBIT (Control Objectives for Information and Related Technologies)
- ISO/IEC 20000
- Lean IT
- Agile Service Management
- IT4IT
Specific to software development:
- (DevOps)
