O'Reilly logo

Effective Incident Response Team, The by Brian Moeller, Julie Lucas

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Operational Strategy

At this point, we have addressed some basic factors in identifying the focus and scope of the team. The next major section of the puzzle to consider is the team's operational strategy. Specifically, will the team be strictly reactive or both proactive and reactive in nature? If it is reactive only, the team would strictly respond to computer incidents as they are detected or reported from the constituency. Tools such as intrusion detection systems (IDSs) may be used to monitor for and detect unauthorized activity as it happens. (Some IDSs can also be configured to help stop an attack in progress.)

It is very difficult, and sometimes ineffective, for a team to remain completely reactive. For example, if an incident affects ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required