What Is Incident Response?
This book covers a broad range of considerations associated with responding to security-related incidents in computing systems and networks. Before we can define “incident response,” however, it is necessary to first define what “incidents” are.
Definition of Incidents
By incidents, we mean adverse events that threaten security in computing systems and networks. Events include any observable thing that happens in a computer and/or network. Events include connecting to another system via a network, accessing files, system shutdowns, and so on. Adverse events include system crashes, packet flooding within a network, unauthorized use of another user’s account, unauthorized use of system privileges, defacement of one ...
Get Incident Response: A Strategic Guide to Handling System and Network Security Breaches now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.