Chapter 34

Cyber Forensics and Incident Response

Cem Gurkok,    Verizon Terremark

1 Introduction to Cyber Forensics

Cyber forensics and incident response go hand in hand. Cyber forensics reduces the occurrence of security incidents by analyzing the incident to understand, mitigate, and provide feedback to the actors involved. To perform incident response and related activities, organizations should establish an incident plan, a computer security incident response team (CSIRT), or a computer emergency response team (CERT) to execute the plan and associated protocols.

Responding to Incidents

In an organization, there is a daily occurrence of events within the IT infrastructure, but not all of these events qualify as incidents. It is important for the ...

Get Computer and Information Security Handbook, 2nd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.