Operations and Incident Response: Difference between revisions

From Smithnet Wiki

Latest revision as of 04:53, 8 May 2024

Incident Response Programs

Build an incident response program

Creating an incident response team

Incident response communication plan

Incident identification

Escalation and notification

Mitigation

Incident eradication and recovery

Validation

Post-incident activities

Incident response exercises

Attack Frameworks

MITRE ATT&CK

Diamond Model of Intrusion Analysis

Cyber kill chain analysis

Incident Investigation

Logging security information

Security information and event management

Cloud audits and investigations

Forensic Techniques

Conducting investigations

Evidence types

Introduction to forensics

System and file forensics

File carving

Creating forensic images

Digital forensic images

Operating system analysis

Password forensics

Network forensics

Software forensics

Mobile device forensics

Embedded device forensics

Chain of custody

eDiscovery and evidence production

Exploitation frameworks