adam's notes

Explain Incident Response and Monitoring Concepts
Incident Response
Digital Forensics
Data Sources
Alerting and Monitoring Tools

❯

❯

Explain Incident Response and Monitoring Concepts

Explain Incident Response and Monitoring Concepts

Goals

Summarize incident response and digital forensics procedures

Utilize appropriate data sources for incident investigations

Explain security alerting and monitoring concepts and tools

Incident Response

Incident Response (IR)
CompTIA Incident Response Lifecycle
- Cyber Kill Chain
Threat Hunting

Digital Forensics

Digital Forensics
Due Process
Legal Hold
Forensic Acquisition
Forensic Preservation
Chain of Custody
Digital Forensic Reporting

Data Sources

IR Data Sources, Dashboards, Reports
Log Data
Host Operating System Logs
Application Logs
Endpoint Logs
Network Data Sources
Metadata

Alerting and Monitoring Tools

Security Information and Event Management (SIEM)
Alerting and Monitoring Activities
Alert Tuning
Network Monitoring
Flow Data
Benchmarks and Secure Baselines
Security Content Automation Protocol (SCAP)

Graph View

Backlinks

D329 - Network and Security Applications (Security+)

Created with Quartz v4.5.2 © 2026

CC BY-NC-SA
adamfurman.me