From the course: Cert Prep: ISC2 Certified in Cybersecurity (CC)

Incident identification

- [Narrator] Once you have an incident response plan in place and a team prepared, the incident response process then enters a state of perpetual monitoring, watching for signs that an incident is occurring or has already taken place. There are many different ways that an organization might identify a security incident. The key to successful incident identification is having a robust security monitoring infrastructure. Data is crucial to incident detection, and organizations have a responsibility to collect, analyze, and retain security information. Now, there are many different information sources that may contribute data that's crucial to identifying and analyzing a possible security incident. These include intrusion detection and prevention systems, firewalls, authentication systems, system and file integrity monitoring systems, vulnerability scanners, system event logs, NetFlow connection records, and antimalware…