Understanding Incident Handling

When an intrusion on your network occurs, the mantra you must chant is, “Do not panic!” Panicking is the worst thing you can do because if you rush and don't take time to think things through, you could miss or affect essential forensics information that security professionals, network-intrusion specialists, and even the authorities may need. Hopefully, if you have an effective IDS solution in place, you will actually be aware of the incident while it is happening and you may be able to keep them on the line. Or, at minimum, you might be able to gather some information on the intruder.

A few pieces of information can be critical when trying to catch or stop a hacker during or after an incident. This information ...

Get TICSA TruSecure™ ICSA Certified Security Associate Exam TU0-001 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.