Security+ Domain 5.0: Risk Management: Chapter 23

Chapter 23: Incident Response, Disaster Recovery and Continuity of Operations (Business Continuity)

Incident Response Plan

Documented incident types

Roles and responsibilities

Reporting

Escalation

Cyber-incident response teams

Incident Response Process

      1. Preparation
      2. Identification
      3. Containment
      4. Eradication
      5. Recovery
      6. Lessons Learned (Postmortem)

Disaster Recovery (when the meteor wipes your business off the Earth)

Recovery Sites

Hot

Warm

Cold

Order of Restoration

Backups

Copy

Full

Differential

Incremental

Geographic Considerations

Off-site backup requirements

Distance

Location

Legal

Data Sovereignty

Business Continuity

Tabletop exercises

After-action reports

Failover

Alternative processing sites

Alternative business practices