O'Reilly logo

CompTIA Security+™: Review Guide, Second Edition by James Michael Stewart

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

2.3 Execute appropriate incident response procedures

An incident response procedure is to be followed when a security breach or security violation has occurred. One of the most important goals of incident response is containment: the protection and preservation of evidence. This may require taking systems offline, duplicating hard drives using imaging software, making photographs of monitor displays, documenting strange conditions or activities, disconnecting a server from the network, and so on.

For end users, the incident response policy is simple and direct: They should step away from their computer system and contact the incident response team. For the CIRT (computer incident response team), the incident response policy is more involved. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required