CISSP Arrghh!
I recently failed the CISSP and I'm revising for my 2nd attempt. A lot people have recommended the Eric Conrad 11th hour, so I purchased as an additional resource. However it seems the incident response steps in the Eric Conrad book are wrong. It conflicts with Sybex 7th Edition which is very frustrating for me as I'm despartly trying to get passed this exam and this just adding confusion.
Sybex has the Mitigation step as containing the incident, taking the machine of the network, whereas Eric Conrad has the response stage as containment. Eric has the mitigation step as eradication understanding the root cause and returning the system to a known good state.
Starting to think I should have purchased ISC2 CISSP. However Sybex is endorsed by ISC2 so I guess I go with them?
Can anyone clarify the steps for me as my head is doing circles
Sybex has the Mitigation step as containing the incident, taking the machine of the network, whereas Eric Conrad has the response stage as containment. Eric has the mitigation step as eradication understanding the root cause and returning the system to a known good state.
Starting to think I should have purchased ISC2 CISSP. However Sybex is endorsed by ISC2 so I guess I go with them?
Can anyone clarify the steps for me as my head is doing circles
Comments
Steps:
Detection
Response
Mitigation
Reporting
Recovery
Remediation – conduct RCA and take precautions
Lesson learned – check to see lesson to be learned and possible improvements to the process.
Detection
Response
Reporting
Recovery
Remediation and Review (Lessons Learned)
All he very best for your preparations.
Your step is missing mitigation?
Thanks I have both of those. I'm going to go with Sybex Incident Respone process
Thanks good luck with yours. I have been using Sybex, but got the 11th hour as a quick review guide.
Yep got that one thanks
Incident Response:
Detection
Response
Mitigation
Reporting
Recovery
Remediation
Lessons learned