August 2001
Intermediate to advanced
240 pages
8h 28m
English
Content preview from Incident ResponseBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Chapter 2. Incident Response Teams
Since the Carnegie Mellon CERT Coordination Center (CERT/CC) was established, incident response teams have sprouted in all sorts of places, ranging from government teams to commercial for-profit organizations set up similarly to the CERT/CC. In fact, there are almost as many types of teams as there are teams themselves. This is fortunate in today’s digital world -- organizations that recognize the advantages of instituting a robust incident response program have a multitude of options on how it is best accomplished. From a management perspective, one of the primary considerations between the different incident response capabilities is funding: who pays for the incident response services? From an operational perspective, however, the primary considerations are responsibility and services: to whom or what does the incident response team answer, and what services does it offer?
The answers to these questions determine the team’s priorities. For example, a team funded by a government agency or large community is responsible to that entire agency or community, not just one or two organizations. Thus, the services that it provides must be divided across the community it serves. Depending on the size of that community, the funding model of the team, and the core mission of the team itself, the team will be able to reasonably offer a particular set of services. The reason that the set of services is usually impacted by the size of the community is one ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.