Chapter 15 - Coggle Diagram
Chapter 15
Computer Incidents
inappropriate usage
unauthorized access
malicious code
multiple component
denial of service attack
CIRT
Roles
team leader
information security members
network administrators
physical security
legal
human resources
communications
Responsibilities
protecting collected evidence
using a chain of custody
recommending controls to prevent future incidents
determining the cause of incidents
investigating incidents
developing incident response procedures
Best Practices
subscribing to security notifications
including checklists
providing training
including policies in the CIRT plan to guide CIRT members
defining a computer security incident
Incident Handling Process
containment, eradication, and recovery
postincident recovery
detection and analysis
preparation
Members
distributed incident response team
coordinating team
central incident response team
Harden a Server
keeping systems up to date
reducing the attack surface
enabling firewalls
enabling IDSs