O'Reilly Media | Incident Response

Read it Now!

Reprint Licensing

Incident Response

By Kenneth R. van Wyk, Richard Forno
First Edition August 2001
Pages: 234
ISBN 10: 0-596-00130-4 | ISBN 13: 9780596001308

This book is OUT OF PRINT, but is available on Safari Books Online.

Book description

Are you ready for a computer "incident," such as a security breach? Incident Response shows you both the technical and administrative aspects of building an effective incident response plan. You'll learn about the different types of incidents and ways to respond to them, how to put together an incident response team, what procedures to use, what tools there are for investigating incidents, and where to find extensive online resources.
Full Description

Seventy percent of businesses reported security breaches in 2000, and the rate is on the rise. Is your organization ready to respond to such an incident head-on? Will you be able to tell whether an incident is an attack or a glitch in the system? Do you know how to assess the possible damage from an incident? Incident Response shows you how to answer questions like these and create a plan for exactly what to do before, during, and after an incident. The authors of Incident Response draw on years of experience developing and taking part in incident response teams at the highest levels of government and business. They guide you through both the technical and administrative details of effective incident response planning as they describe:

What incident response is, and the problems of distinguishing real risk from perceived risk
The different types of incident response teams, and advantages and disadvantages of each
Planning and establishing an incident response team
State of the Hack® information about different types of attacks
Recommendations and details about available tools for incident response teams
Resources available to incident response teams

Whatever your organization's size or purpose, Incident Response shows how to put in place an incident-response process that's as planned, efficient, and businesslike as any other IT operation in a mature organization. Incidents happen, and being able to respond to them effectively makes good business sense.

Post-purchase benefits:

Browse within this book

Cover | Table of Contents | Colophon

No time right now?

Email these links Customers interested in this book may also be interested in:

Book:
Building Internet Firewalls
Read more

Book:
Malicious Mobile Code
Virus Protection for Windows
Read more

Book:
Securing Windows NT/2000 Servers for the Internet
A Checklist for System Administrators
Read more

Book details

First Edition: August 2001
ISBN: 0-596-00130-4
Pages: 234

Featured customer reviews

Be the first person to review this book!

Media reviews

"As a network administrator, I ordinarily think of technical issues when I suspect that one of my machines may have been compromised. 'Incident Response' highlights many other types of issues that can affect the efficiency of the investigation as well. The book is targeted at both system/network admins and their managers. That's definitely a tough audience I was pleased at the way that neither group was alienated through excessive use of technical jargon or managerial buzzwords. The book preserved a friendly, sensible tone throughout, and could be read by someone with little or no prior knowledge of network security. However, even sysadmins with years of experience will find helpful tips...I was very favorably impressed with the book, and oh-so-tactfully left a copy on the desk of the manager of Network Security at my job. [grin] When he's done with it, I'm foisting it upon the head of Engineering. If one of our boxes gets hacked, I want to be ready for it. I think 'Incident Response' will be really helpful towards that end."
--Raven Alder, linuxchix.org

"An excellent resource for information on how to respond to computer intrusions and conduct forensic investigations."
--Andrew Conry-Murray, Network, April 2002

?an excellent summary of technical information with guidelines for administrative planning so organizations can map out their responses to computer incidents. The authors selected for this important work show how the incident response process needs to be planned, efficient, and as business-like as any other IT operation in a mature organization.?
--Dale Farris, Golden Triangle PC Club, Oct 2001

"reams of advice...A thought-provoking book"
--Molly Sugden, Freelance Informer, Oct 5, 2001

"This new book by van Wyk and Forno skillfully outlines considerations and plans for a well founded security incident handling group within an organization. O'Reilly has recruited two seasoned incident handlers who have worked for organizations such as the US House of Representatives and CERT/CC. Their depth of experience shows in their insights and is nicely complemented by their dexterity with the material. The major strength of this book, and what will probably constitute its staying power when compared to other offerings on the topic, is its excellent coverage from top to bottom."
--Jose Nazario, Linux Review, 12 Nov 2001

"an excellent summary of technical information with guidelines for administrative planning so organizations can map out their responses to computer incidents. The special authors selected for this important work show how the incident response process needs to be planned, efficient, and as business-like as any other IT operation in a mature organization.. The O'Reilly publishing firm, famous for their emphasis on a common-sense approach to explaining very technical material, depth of detail, and focus on the practical, has released an invaluable tool for anyone currently administering a computer network. As is usually the case with all O'Reilly works, very busy systems administrators will find the attention to detail and the superbly organized material very helpful as they attempt to integrate the valuable information in this book in their daily work."
--Dale Farris, President, Golden Triangle PC Club, September 2001

Hide extended reviews