What Is Incident Response?

This book covers a broad range of considerations associated with responding to security-related incidents in computing systems and networks. Before we can define “incident response,” however, it is necessary to first define what “incidents” are.

Definition of Incidents

By incidents, we mean adverse events that threaten security in computing systems and networks. Events include any observable thing that happens in a computer and/or network. Events include connecting to another system via a network, accessing files, system shutdowns, and so on. Adverse events include system crashes, packet flooding within a network, unauthorized use of another user’s account, unauthorized use of system privileges, defacement of one ...

Get Incident Response: A Strategic Guide to Handling System and Network Security Breaches now with O’Reilly online learning.