Book description
Seventy percent of businesses reported security breaches in 2000, and the rate is on the rise. Is your organization ready to respond to such an incident head-on? Will you be able to tell whether an incident is an attack or a glitch in the system? Do you know how to assess the possible damage from an incident? Incident Response shows you how to answer questions like these and create a plan for exactly what to do before, during, and after an incident. The authors of Incident Response draw on years of experience developing and taking part in incident response teams at the highest levels of government and business. They guide you through both the technical and administrative details of effective incident response planning as they describe:
- What incident response is, and the problems of distinguishing real risk from perceived risk
- The different types of incident response teams, and advantages and disadvantages of each
- Planning and establishing an incident response team
- State of the Hack® information about different types of attacks
- Recommendations and details about available tools for incident response teams
- Resources available to incident response teams
Whatever your organization's size or purpose, Incident Response shows how to put in place an incident-response process that's as planned, efficient, and businesslike as any other IT operation in a mature organization. Incidents happen, and being able to respond to them effectively makes good business sense.
Table of contents
- Incident Response
- Foreword
- Preface
- 1. What Is Incident Response?
- 2. Incident Response Teams
- 3. Planning the Incident Response Program
- 4. Mission and Capabilities
- 5. State of the Hack
- 6. Incident Response Operations
- 7. Tools of the Trade
- 8. Resources
- Security Information on the Web
- Incident Response Team Resources
- Commercial Incident Response Service Providers
- Antivirus Products
- Mailing Lists and Newsgroups
- U.S. Government Resources
- Training, Conferences, and Certification Programs
- Legal Resources
- Relevant United States Federal Laws Regarding Computer Crime and Incident Response
- Identity Theft and Assumption Deterrence Act (18 USC 2028)
- Fraud and Related Activity in Connection with Access Devices (18 U.S.C. 1029)
- Computer Fraud and Abuse Act (18 U.S.C. 1030)
- Economic Espionage Act (18 U.S.C. 1831 and 1832)
- Electronics Communications Privacy Act (18 U.S.C. 2510)
- U.S. Department of Justice (DOJ) Guidelines for Warning Banners
- A. FIRST
- FIRST Statement of Mission and Strategic Goals
- FIRST Member Team Information
- AFCERT
- ANS
- Apple
- AT&T
- AUSCERT
- BACIRT
- BadgIRT
- BCERT
- BSI/GISA
- BTCERTCC
- CARNet CERT
- CCTA
- CERT/CC
- CERTA
- CERTCC-KR
- CERT-IST
- CERT-IT
- CERT-NASK
- CERT-NL
- CERT-Renater
- CIAC
- Cisco PSIRT
- Cisco Systems
- Citigroup CIRT
- Compaq SSRT
- CSIRT.DK
- DANTE
- DERA
- DFN-CERT
- DIRT
- DK-CERT
- DND CIRT
- DOD-CERT
- EDS
- ELN-FIRST
- EWA-Canada
- FSC-CERT
- GE
- GI-REACT
- Goldman Sachs
- GTCERT
- Guardent
- HOUSECIRT
- HP
- IBM-ERS
- ILAN-CERT
- IP+CERT
- IRIS-CERT
- ISS
- IU-CERT
- JANET-CERT
- JPCERT/CC
- MCIRT
- MCIWorldCom
- Micro-BIT
- MxCERT
- NAI
- NASIRC
- NAVCIRT
- NCSA-IRST
- NEXTRA-CERT
- NIHIRT
- NIST/CSRC
- NORDUnet
- NU-CERT
- OSU-IRT
- OxCERT
- Para-CERT
- PruCERT
- PSU
- Riptech-CERT
- Rob Thomas
- SBACERT
- secu-CERT
- SGI
- SI-CERT
- Siemens-CERT
- SingCERT
- Sprint
- Sun
- SUNSeT
- SWITCH-CERT
- TeliaCERTCC
- Trident
- UCERT
- UNI-CERT
- UNINETT CERT
- UNIRAS
- VISA-CIRT
- B. Sample Incident Report
- Index
- Colophon
Product information
- Title: Incident Response
- Author(s):
- Release date: August 2001
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9780596001308