From the course: Certificate of Cloud Security Knowledge (CCSK) Cert Prep
Join today to access over 25,300 courses taught by industry experts.
Incident preparation
From the course: Certificate of Cloud Security Knowledge (CCSK) Cert Prep
Incident preparation
- [Instructor] The incident preparation phase develops the IR capabilities. Preparation should begin with the realization that any incident in the cloud is shared between the cloud service provider and the cloud service customer. The degree of responsibility will be primarily reflected in the service level agreement and potential tiers of paid support. Preparation activities include establishing a process, selecting a team, and assigning roles and responsibilities to responders. The responder team needs to have continuous read access to resources as well. This read access can be in the form of a security audit of metadata and configuration settings. Alternatively, it can provide full read access to all data beyond metadata. The latter can be granted based on the need and level of the incident experienced. An example of what should be available to responders in the form of documentation would be access control list for reports allowed to specific workloads. Baselines of continually…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.