Documenting all Failed Attempts


All detected violations must be registered in special logs. You can initiate various response procedures based on the registered data. However, practical experience has shown that you cannot always be sure that there has been an attack on specific resources of your corporate network. Sometimes events merely seem suspicious, and these suspicions must not be neglected. Document any suspicious events so that, when additional information is collected, you can return to them and perform a more detailed investigation.

The same log that contains registered attacks and attack attempts must contain the actions taken during the incident investigation and response, and should carefully document the result of these actions. If attacks continue, this will help you to quickly reproduce the most efficient counteraction measures.




Protect Your Information with Intrusion Detection
ISBN: 1931769117
Year: 2001
Pages: 152
