Operations and Incident Response
From Smithnet Wiki
Incident Response Programs
Build an incident response program
Creating an incident response team
Incident response communication plan
Incident identification
Escalation and notification
Mitigation
Incident eradication and recovery
Validation
Post-incident activities
Incident response exercises
Attack Frameworks
MITRE ATT&CK
Diamond Model of Intrusion Analysis
Cyber kill chain analysis
Incident Investigation
Logging security information
Security information and event management
Cloud audits and investigations
Forensic Techniques
Conducting investigations
Evidence types
Introduction to forensics
System and file forensics
File carving
Creating forensic images
Digital forensic images
Operating system analysis
Password forensics
Network forensics
Software forensics
Mobile device forensics
Embedded device forensics
Chain of custody
eDiscovery and evidence production
Exploitation frameworks