Chapter 4. Dealing with an Attack

Computer and network security incidents do happen. They occur every minute of every day somewhere in the world. Many go unnoticed. Others might be caught through automated monitoring solutions, direct contact, or even pure luck. You might find yourself responding to any of the following kinds of incidents:

• Direct network intrusion

• Brute-force authentication attack

• Denial-of-service attack

• Lost employee laptop

• Lost backup tapes

• Exposed confidential or proprietary information

• Extortion

• Attacks through portable media such as USB thumb drives

• Spyware

• Keyloggers

• Wireless sniffing

No matter the vector, you must be ready to respond. When responding to an incident, you need to be prompt and take ...

Get Computer Incident Response and Product Security now with O’Reilly online learning.
