Chapter 4. Dealing with an Attack

Computer and network security incidents do happen. They occur every minute of every day somewhere in the world. Many go unnoticed. Others might be caught through automated monitoring solutions, direct contact, or even pure luck. You might find yourself responding to any of the following kinds of incidents:

• Direct network intrusion

• Brute-force authentication attack

• Denial-of-service attack

• Lost employee laptop

• Lost backup tapes

• Exposed confidential or proprietary information

• Extortion

• Attacks through portable media such as USB thumb drives

• Spyware

• Keyloggers

• Wireless sniffing

No matter the vector, you must be ready to respond. When responding to an incident, you need to be prompt and take ...
