Online Courses
Cyber Incident Response

Service and System restoration

What does restoration mean to the organization?

Some considerations

Systems generally should be functioning as they would in normal business operations

Corporate business continuity and/or contingency plans should be consulted or invoked

Getting systems to normal operations

Restoring some systems may interfere with operations of others.

  • Restoring a domain controller improperly might affect Active Directory operations

Consider effects on change management, configuration management, etc.

Remember to ensure restored systems are properly secured

Restoring cloud resources

You may not have as much access to resources in a cloud environment

Restoration may require support from the cloud service provider (CSP)

Restoration may be faster

  • Consider services such as cloud deployment automation techniques and tools


Last updated 9 months ago