Building Incident Response Plans + Threat Hunting


5 Terms

1

Communication plans

are critical to incident response processes

2

Stakeholder management plans

are related to communication plans and focus on groups and individuals who have an interest or role in the systems, organizations, or services that are impacted by an incident

3

Business continuity (BC)

plans focus on keeping an organization functional when misfortune or incidents occur

4

Disaster recovery (DR)

plans define the processes and procedures when a human-made or natural disaster occurs

5

Threat Hunting

  • Account lockout, which is often due to brute-force login attempts or incorrect passwords used by attackers

  • Concurrent session usage when users aren’t likely to use concurrent sessions

  • Blocked content

  • Impossible travel

  • Resource consumption

  • Resource inaccessibility

  • Out-of-cycle logging occurs when an event that normally happens at the same time or on a set cycle occurs at an unusual time

  • Missing logs may indicate that an attacker has wiped the logs to attempt to hide their actions

  • Published/documented describes indicators that have been discovered and published or documented