Online Courses
Cyber Incident Response

Certification and validation of Business Continuity

What is Business Continuity?

The business can continue to operate and carry out normal activity through a disaster, event or incident

Who decides if an organization is back to normal?

Usually decided by policy, driven by the BCP or DR team

The IR team may serve only as support in the continuity effort

BCP/DR may serve as support for the IR team in the same effort

  • Depends on incident specifics

Evaluation/validation period

Define the time frame for how long validation and monitoring will last

How long will we look for abnormal behavior before moving on to follow-up?

Begin preparations for follow-up

Part of recovery should be to begin preparing data and findings for follow-up

Another recovery goal is to make sure previous infections don't recur


Last updated 8 months ago