Chapter 34

Cyber Forensics and Incident Response

Cem Gurkok, Verizon Terremark

1 Introduction to Cyber Forensics

Cyber forensics and incident response go hand in hand. Cyber forensics reduces the occurrence of security incidents by analyzing the incident to understand, mitigate, and provide feedback to the actors involved. To perform incident response and related activities, organizations should establish an incident plan, a computer security incident response team (CSIRT), or a computer emergency response team (CERT) to execute the plan and associated protocols.

Responding to Incidents

In an organization, there is a daily occurrence of events within the IT infrastructure, but not all of these events qualify as incidents. It is important for the ...

Get Computer and Information Security Handbook, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Computer and Information Security Handbook, 2nd Edition by John R. Vacca

Cyber Forensics and Incident Response

1 Introduction to Cyber Forensics

Responding to Incidents

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly