Chapter 5. Reacting to Security Incidents

This chapter covers the following topics:

Adequate Incident-Handling Policies and Procedures

Laws and Computer Crimes

Security Incident Mitigation Tools


Reacting to security incidents can be an overwhelming and difficult task if you are not prepared. This chapter covers several best practices, techniques, and tips for use when reacting to security incidents. In the previous chapters, you learned how to identify, classify, and trace security incidents. Without successful identification, classification, and traceback, you will never be able to effectively react to any security event. Therefore, it is important that you understand the topics covered in previous chapters before reading this ...

Get End-to-End Network Security: Defense-in-Depth now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.