Security+ SY0-601: 4.2: Policies, Processes, and Procedures for Incident Response

This entry is part 34 of 47 in the series [ Security+ SY0-601 ]

Chapter 27: Policies, Processes, and Procedures for Incident Response

Incident response plans

Incident response process

Preparation

Identification

Containment

Eradication

Recovery

Lessons learned

Exercises

Tabletop

Walkthroughs

Simulations

Attack frameworks

MITRE ATT&CK

The Diamond Model of Intrusion Analysis

Cyber Kill Chain

Stakeholder management

Communication plan

Disaster recovery plan

Business continuity plan

Continuity of operations planning (COOP)

Incident response team

Retention policies

The Diamond Model of Intrusion Analysis