From the course: Learning Cyber Incident Response and Digital Forensics
Join today to access over 24,700 courses taught by industry experts.
Post-incident activity phase
From the course: Learning Cyber Incident Response and Digital Forensics
Post-incident activity phase
- [Instructor] In this lesson, we're going to focus on the fourth phase of the incident response process, which is known as post-incident activities. Now, after the incident response team conducts their assessment, performs their containment and eradication action, and worked with the system administrators to recover from the incident, the organization is still not fully done with their incident response activities. Instead, we need to move into the post-incident activities, and the first of these is to collect lessons learned from the given incident. Now, the lessons learned process is a formalized method to document the things that we experienced during the incident. What went right? What went wrong? What could we do better next time? All of these are things that should be recorded, and our internal organizational processes need to be improved so we don't face the same issues again next time when we have another…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.