Incident Response: A Strategic Guide to Handling System and Network Security Breaches
Incident Response: A Strategic Guide to Handling System and Network Security Breaches
ISBN: 1578702569
EAN: 2147483647
EAN: 2147483647
Year: 2002
Pages: 103
Pages: 103
Authors: E. Eugene Schultz, Russell Shumway
- Incident Response: A Strategic Guide to Handling System and Network Security Breaches
- Table of Contents
- Copyright
- About the Authors
- About the Technical Reviewers
- Acknowledgments
- Tell Us What You Think
- Introduction
- Organization of this Book
- Conventions Used in This Book
- Chapter 1. An Introduction to Incident Response
- What Is Incident Response?
- The Rationale for Incident Response
- Overview of Incident Response
- Summary
- Chapter 2. Risk Analysis
- About Risk Analysis
- Types of Security-Related Risks
- Obtaining Data About Security-Related Incidents
- The Importance of Risk Analysis in Incident Response
- Summary
- Chapter 3. A Methodology for Incident Response
- Rationale for Using an Incident Response Methodology
- A Six-Stage Methodology for Incident Response
- Caveats
- Summary
- Chapter 4. Forming and Managing an Incident Response Team
- What Is an Incident Response Team?
- Why Form an Incident Response Team?
- Issues in Forming a Response Team
- About Managing an Incident Response Effort
- Summary
- Chapter 5. Organizing for Incident Response
- Virtual Teams-Ensuring Availability
- Training the Team
- Testing the Team
- Barriers to Success
- External Coordination
- Managing Incidents
- Summary
- Chapter 6. Tracing Network Attacks
- What Does Tracing Network Attacks Mean?
- Putting Attack Tracing in Context
- Tracing Methods
- Next Steps
- Constructing an
- Final Caveats
- Summary
- Chapter 7. Legal Issues
- U.S. Computer Crime Statutes
- International Statutes
- Search, Seizure, and Monitoring
- Policies
- Liability
- To Prosecute or Not?
- Conclusion
- Chapter 8. Forensics I
- Guiding Principles
- Forensics Hardware
- Forensics Software
- Acquiring Evidence
- Examination of the Evidence
- Conclusions
- Chapter 9. Forensics II
- Covert Searches
- Advanced Searches
- Encryption
- Home Use Systems
- UNIX and Server Forensics
- Conclusions
- Chapter 10. Responding to Insider Attacks
- Types of Insiders
- Types of Attacks
- Preparing for Insider Attacks
- Detecting Insider Attacks
- Responding to Insider Attacks
- Special Considerations
- Special Situations
- Legal Issues
- Conclusion
- Chapter 11. The Human Side of Incident Response
- Integration of the Social Sciences into Incident Response
- Part I: Cybercrime Profiling
- Part II: Insider Attacks
- Part III: Incident Victims
- Part IV: Human Side of Incident Response
- Summary
- Chapter 12. Traps and Deceptive Measures
- About Traps and Deceptive Measures
- Advantages and Limitations of Traps and Deceptive Measures
- Focus: Honeypots
- Integrating Traps and Deceptive Measures into Incident Response
- Summary
- Chapter 13. Future Directions in Incident Response
- Technical Advances
- Social Advances
- The Progress of the Profession
- The Nature of Incidents
- Conclusion
- Appendix A. RFC-2196
- Site Security Handbook
- Appendix B. Incident Response and Reporting Checklist
Incident Response: A Strategic Guide to Handling System and Network Security Breaches
ISBN: 1578702569
EAN: 2147483647
EAN: 2147483647
Year: 2002
Pages: 103
Pages: 103
Authors: E. Eugene Schultz, Russell Shumway