Chapter 9. Investigating Incidents

Well, it's happened. Somehow, in spite of all your hard work researching technology and devices; planning, budgeting, and managing; implementing and training, a security breach has occurred.

What now? How should you proceed? What should you do first? What should you do after that? You know that over the next few weeks or months, the big shots will study every move you've made, and that they'll find some level of fault with every step you took.

In the midst of the chaos of the incident, as the head of the Computer Emergency Response Team (CERT) (or the Computer Incident Response Team [CIRT]), you must rise to ...

Get Security Administrator Street Smarts: A Real World Guide to CompTIA Security+™ Skills, Second Edition now with the O’Reilly learning platform.
