Chapter 13

Disaster Recovery and Incident Response

The Following CompTIA Security+ Exam Objectives Are Covered in This Chapter:

  • 2.3 Execute appropriate incident response procedures.
    • Basic forensic procedures: Order of volatility; Capture system image; Network traffic and logs; Capture video; Record time offset; Take hashes; Screenshots; Witnesses; Track man hours and expense
    • Damage and loss control
    • Chain of custody
    • Incident response: first responder
  • 2.5 Compare and contrast aspects of business continuity.
    • Business impact analysis
    • Removing single points of failure
    • Business continuity planning and testing
    • Continuity of operations
    • Disaster recovery
    • IT contingency planning
    • Succession planning
  • 2.7 Execute disaster recovery plans and procedures. ...

Get CompTIA® Security+™: Study Guide, Fifth Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial