Which DSAC domain focuses on responding to security incidents?

Responding to security incidents is the focus of the DSAC domain called Incident Response. This domain covers what teams do when a security event is detected: preparing and planning for incidents, quickly identifying and analyzing what happened, containing the threat to prevent further damage, eradicating the cause, recovering normal operations, and reviewing the incident to improve defenses. It also emphasizes coordinating with IT staff, security operations, management, and, when needed, external partners or authorities to minimize impact and learn from the event. Other DSAC domains focus on different areas: Governance deals with policies, risk management, and compliance; Network Security concentrates on protecting the network and data in transit with controls like firewalls and monitoring; Software Assurance ensures software is secure by design and maintained securely through practices like secure coding and vulnerability management.