August 2000
Intermediate to advanced
800 pages
21h 5m
English
Content preview from Microsoft® Windows® 2000 Security HandbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Summary
Building and maintaining an intrusion response team can be a challenge, but it can also have great results for the overall security policy of your site. Intrusion handling is a scientific process; you should handle an intrusion as police handle a crime. Correctly gathering evidence and not tainting any gathered evidence is important if your organization wants to take an attacker to court. You might end up dealing with a lot of different groups of people, including other IRTs, law enforcement groups, and the public. For this reason, it is always a good idea to keep a level head and be well prepared in case your system comes under attack.