O'Reilly logo

Effective Incident Response Team, The by Brian Moeller, Julie Lucas

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Incident Reporting

As previously noted in this chapter, every response team should have a report form that identifies the information it requires to investigate and track an incident. The information requested on the incident report form will vary from team to team, and should mirror specific data fields in the incident tracking database and/or trouble ticket system. Appendix A provides a sample form that may be used as a guide for an organization's own incident report form. The CERT CC report form is also available at http://www.cert.org and provides additional fields that may be considered.

The desired information should be clearly requested in the report form and allow little, if any, room for ambiguity. Pick lists or selection options can ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required