Learn the detailed information you need to prepare for the incident response and recovery domain of the SSCP exam.
Overview
Syllabus
Introduction
- Respond to incidents
- What you need to know
- Study resources
- Build an incident response program
- Creating an incident response team
- Incident communications plan
- Incident identification
- Escalation and notification
- Mitigation
- Containment techniques
- Incident eradication and recovery
- Validation
- Post-incident activities
- Incident response exercises
- Conducting investigations
- Evidence types
- Introduction to forensics
- System and file forensics
- Network forensics
- Software forensics
- Mobile device forensics
- Embedded device forensics
- Chain of custody
- Reporting and documenting incidents
- Electronic discovery (ediscovery)
- Business continuity planning
- Business continuity controls
- High availability and fault tolerance
- Disaster recovery overview
- Backups
- Restoring backups
- Disaster recovery sites
- Testing BC/DR plans
- After-action reports
- Building an emergency response plan
- Continuing your studies
Taught by
Mike Chapple
