Planning Measures: Incident Response Planning

Planning Measures: Incident Response Planning

• discover the key concepts covered in this course
• identify the purpose of an incident response plan and the costs of not having one in place
• list the steps to create incident response policies, plans, and procedures
• recognize when to create a CSIRT and who should be on that team
• identify the different purposes of the different roles on a CSIRT
• describe the elements of an incident response policy
• describe how the incident response plan will be used in practice
• summarize the key concepts covered in this course

Explore the process of recovering from security related incidents such as malware, data leakage, or stolen equipment. Examine how to develop plans, policies, and procedures and how to form a team with well defined roles to execute these plans. Finally, examine how all these components are coordinated in practice when an incident event occurs.