Chapter 27: Policies, Processes, and Procedures for Incident Response
Incident response plans
Incident response process
Preparation
Identification
Containment
Eradication
Recovery
Lessons learned
Exercises
Tabletop
Walkthroughs
Simulations
Attack frameworks
MITRE ATT&CK
The Diamond Model of Intrusion Analysis
Cyber Kill Chain