Reporting the Incident

Once you have determined that a security incident has taken place, you must determine its severity so that the correct people can be notified at the appropriate time. Timing is very important: notifying too soon may create undue concern; notifying too late, embarrassment. The people to notify will include system administrative personnel, users, management, and local, state, or federal law enforcement authorities.

The appropriate people (management, legal counsel, law enforcement) must be notified of the security incident at the appropriate time. Some actions cannot be taken until authorized by the appropriate individual. The response cannot begin until those responsible for implementation are notified and mobilized.

Corporate Management

An incident should be communicated to management immediately. Computer-based communications such as e-mail, electronic notes, or instant messaging programs should not be used, since they may not be secure. Contact management using the telephone, pager, or in person. Do not use web-based or other computer services to send an alpha page. Inform the manager that you have identified a possible breach of computer security.

Affected Partners

If the affected system is known to be a trusted host of any other systems, inform the manager of this and any activity that has been performed to detect intrusion activity on the other systems. Provide them with any information they may need in order to allow others to detect any other intrusions that may be in progress on other systems.

Law Enforcement

It may be necessary or advantageous to contact law enforcement about the incident. Law enforcement may need to be involved to recover stolen information or equipment, or to get the information necessary to track the intruder. Contact law enforcement and provide incident documentation, share information about the intruder, and share any ideas about possible motives. To initiate an investigation, contact your local FBI office or the appropriate federal, state, or local law enforcement agency.


Halting the Hacker: A Practical Guide to Computer Security (2nd Edition)
ISBN: 0130464163
EAN: 2147483647
Year: 2002
Pages: 210
