Topic: Incident Response, Monitoring, and Governance

🚨 Incident Response Steps

Know the NIST process:

1. Preparation
2. Identification
3. Containment
4. Eradication
5. Recovery
6. Lessons Learned

🧪 Indicators of Compromise (IOCs)

Examples:

• Unknown processes
• Unusual outbound traffic
• Unexpected admin accounts
• File changes
• Log anomalies

📊 Security Monitoring Tools