Incident Basics
Describe appropriate response measures to take after a computer security incident.
It is the aim of every person responsible for computer security to eliminate risks to their system and prevent attacks before they occur. Unfortunately, due to the rapidly changing nature of technology, it is impossible to achieve these goals completely. When preventive measures fail and a breach of security occurs or is suspected to have occurred, it is called a computer security incident.
Types of Incidents
There are five main types of incidents that we consider in this chapter:
Web Server Attacks
Virus Attacks
Firewall or IDS Alerts
Unauthorized Modification of Files
Unauthorized Applications Running
Obviously, this is not an exhaustive list of ...