This FAQ, collaboratively created by the community, addresses the contents of the course titled “Incident Response on Linux”.
This course includes these lessons:
- How to Create Incident Response Plan?
- Incident Response Procedure
- 3 Important Things
- Users and Groups
- Processes
- Files and File System
- Mounts
- Network
- Service
- Crontab
- SSH Authorized Keys
- Bash_rc & Bash_profile
- Useful Log Files
You can locate this exercise within the LetsDefend content: