Chapter 7

Policies, Procedures, and Incident Response

The Following CompTIA CASP Exam Objectives Are Covered in This Chapter:

• 2.3 Explain the importance of preparing for and supporting the incident response and recovery process
  • E-Discovery
• Electronic inventory and asset control
• Data retention policies
• Data recovery and storage
• Data ownership
• Data handling
• Data breach
• Recovery
• Minimization
• Mitigation and response
• System design to facilitate incident response taking into account types of violations
• Internal and external
• Private policy violations
• Criminal actions
• Establish and review system event and security logs
• Incident and emergency response
• 2.4 Implement security and privacy policies and procedures based on organizational requirements
  • Policy development and updates in light of new business, technology, and environment changes
  • Process/procedure development and updates in light of policy, environment, and business changes
  • Support legal compliance and advocacy by partnering with HR, legal, management, and other entities
  • Use common business documents to support security