Cargando…

The effective incident response team /

When an intruder, worm, virus, or automated attack succeeds in targeting a computer system, having specific controls and a response plan in place can greatly lessen losses. Accordingly, businesses are realizing that it is unwise to invest resources in preventing computer-related security incidents w...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Lucas, Julie, 1964-
Otros Autores: Moeller, Brian
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Boston : Addison-Wesley, 2004.
Temas:
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Descripción
Sumario:When an intruder, worm, virus, or automated attack succeeds in targeting a computer system, having specific controls and a response plan in place can greatly lessen losses. Accordingly, businesses are realizing that it is unwise to invest resources in preventing computer-related security incidents without equal consideration of how to detect and respond to such attacks and breaches. The Effective Incident Response Team is the first complete guide to forming and managing a Computer Incident Response Team (CIRT). In this book, system and network administrators and managers will find comprehensive information on establishing a CIRT's focus and scope, complete with organizational and workflow strategies for maximizing available technical resources. The text is also a valuable resource for working teams, thanks to its many examples of day-to-day team operations, communications, forms, and legal references. IT administrators and managers must be prepared for attacks on any platform, exploiting any vulnerability, at any time. The Effective Incident Response Team will guide readers through the critical decisions involved in forming a CIRT and serve as a valuable resource as the team evolves to meet the demands of ever-changing vulnerabilities. Inside, readers will find information on: Formulating reactive or preventative operational strategy Forming, training, and marketing the CIRT Selecting penetration-testing, intrusion-detection, network-monitoring, and forensics tools Recognizing and responding to computer incidents and attacks, including unauthorized access, denial-of-service attacks, port scans, and viruses Tracking, storing, and counting incident reports and assessing the cost of an incident Working with law enforcement and the legal community Benefiting from shared resources Scrutinizing closed incidents to further prevention Offering services such as user-awareness training, vulnerability and risk assessments, penetration testing, and architectural reviews Communicating the CIRT's return on investment through management reporting 0201761750B10062003.
Descripción Física:1 online resource.
Bibliografía:Includes bibliographical references and index.