FAQ: Incident Response on Linux

This FAQ, collaboratively created by the community, addresses the contents of the course titled “Incident Response on Linux”.

This course includes these lessons:

  • How to Create Incident Response Plan?
  • Incident Response Procedure
  • 3 Important Things
  • Users and Groups
  • Processes
  • Files and File System
  • Mounts
  • Network
  • Service
  • Crontab
  • SSH Authorized Keys
  • Bash_rc & Bash_profile
  • Useful Log Files

You can locate this exercise within the LetsDefend content: