Prepare for the Systems Security Certified Practitioner (SSCP) certification. Review the objectives from the Incident Response and Recovery domain.
Earning the (ISC)² Systems Security Certified Practitioner (SSCP) certification can help to accelerate your career by validating your understanding of essential IT security concepts. In this installment of the SSCP Cert Prep series, instructor Mike Chapple covers the objectives of Incident Response and Recovery, the fourth domain of the SSCP exam. Topics discussed include incident management (including how to build a security incident response program) and network and software forensics. Mike also explores disaster recovery, discussing the design of backup strategies, different options for alternate processing facilities, and how to evaluate the effectiveness of business continuity and disaster recovery plans.
Syllabus
- Introduction
- Incident response
- Build an incident response program
- Incident communications plan
- Incident identification
- Escalation and notification
- Mitigation
- Recovery and reconstitution
- Lessons learned and reporting
- Building an incident response team
- Conducting investigations
- Evidence types
- Introduction to forensics
- System and file forensics
- Network forensics
- Software forensics
- Embedded device forensics
- Chain of custody
- Reporting and documenting incidents
- Electronic discovery (eDiscovery)
- Business continuity planning
- Business continuity controls
- High availability and fault tolerance
- Disaster recovery overview
- Backups
- Validating backups
- Disaster recovery sites
- Testing BC/DR plans
- What's next?