12.3 Reasoning and Inference
In the security community, the term incident generally represents a state where a system deviates from its security requirements or policies or expectations, as we have previously presented. A security incident might be the result of accident or random failures during normal usage, or may be caused intentionally from attacks upon a system or network, or a combination of these. Such attacks on a system or network often consist of many successive actions and states and a series of state changes leading from an initially secure state or baseline to one of several possible compromised states, which cannot be precisely calculated. For these kinds of problems, heuristic reasoning and inference are very helpful to humans-in-the-loop, ...
Get Information Security Management, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
