High Quality
Open the downloaded document, and select print from the file menu (PDF reader required).
1
Unix Systems Forensicsand Incident Response
Presented by Kristy Westphalkmwestphal@cox.net
2
Why is IH/IR important?
The keys to Incidence Response
Plan for an incidentIdentify that an incident has occurredContainment of an incidentEradicate the issueRecoveryFollow up
3
Incident Severity
How bad does it need to be to do all of this?Severity depends on Risk Assessment
Performed by Security Dept., in conjunctionwith “assessment team”Lower severity will be loggedHigher severity will warrant more investigation
Add a Comment