Version 2.0, May 31, 2005
 
Intrusion detection checklist: Six stages of handling attacks
1. Preparation
 
Have a solid foundation of policies and procedures in place before an incident occurs.
 
Ensure members of your team understand their duties in case of a breach.
 
Run mock tests and update your policies and procedures to reflect what succeeded and what failed.
 
Make sure your systems are not still running the default configurations they shipped with.
 
Make frequent backups.

Keep system log files for at least a month, and consider retaining them longer.
 
Keep known good copies of system binaries away from your main systems.
 
Keep known good copies of system and network configuration files away from your main systems.
 
Consider deploying security tools (for example, an intrusion detection system) before an incident occurs.
2. Detection
 
Determine the extent and type of intrusion.
 
Document everything for follow-up, lessons learned, training, and potential criminal actions.
 
Capture logs to a separate system so that you can review real-time data.

Store any logs, data, or information away from your main systems.
 
Notify appropriate departments and managers as required in your security policy.
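The Preparation items about keeping known-good copies of binaries and configuration files, and the Detection step of determining the extent of an intrusion, both come down to knowing exactly what changed on the host. The Python script below is an added example and is not part of the TechRepublic checklist: it hashes every regular file under a directory into a baseline that you store off the host, then compares a later scan against that baseline and reports what was added, removed, or modified. The sample "bin" tree, the tampering it simulates (a trojaned ps, a dropped rootkit file, a deleted ssh binary), and all file names are constructed for illustration only.

```python
"""Added example (not part of the TechRepublic checklist): a minimal
file-integrity baseline supporting the Preparation and Detection stages.

Hash every regular file under a directory, save the result as a baseline
kept away from the monitored host, and later diff a fresh scan against it.
The sample tree and the simulated tampering below are constructed.
"""
import hashlib
import json
import os
import tempfile
from pathlib import Path


def hash_file(path: Path, chunk_size: int = 65536) -> str:
    """Return the hex SHA-256 of a file, read in chunks so large binaries fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root) -> dict:
    """Map every regular file under root to its SHA-256 (relative POSIX path -> hex digest).

    Symlinks are skipped rather than followed: following them would let an
    intruder point the scan at an untouched file instead of the replaced one.
    """
    root_path = Path(root)
    baseline = {}
    for dirpath, _dirnames, filenames in os.walk(root_path):
        for name in filenames:
            full = Path(dirpath) / name
            if full.is_symlink() or not full.is_file():
                continue
            baseline[full.relative_to(root_path).as_posix()] = hash_file(full)
    return baseline


def save_baseline(baseline: dict, dest) -> None:
    """Write the baseline as sorted JSON. Keep this copy off the monitored host."""
    with open(dest, "w", encoding="utf-8") as fh:
        json.dump(baseline, fh, indent=2, sort_keys=True)


def load_baseline(src) -> dict:
    with open(src, "r", encoding="utf-8") as fh:
        return json.load(fh)


def compare(baseline: dict, current: dict) -> dict:
    """Classify differences between the stored baseline and a fresh scan."""
    base_keys, cur_keys = set(baseline), set(current)
    return {
        "added": sorted(cur_keys - base_keys),
        "removed": sorted(base_keys - cur_keys),
        "modified": sorted(p for p in base_keys & cur_keys if baseline[p] != current[p]),
    }


def demo(workdir=None) -> dict:
    """Constructed walk-through: baseline a fake 'bin' tree, tamper with it, then diff."""
    if workdir is None:
        with tempfile.TemporaryDirectory() as tmp:
            return demo(tmp)

    tree = Path(workdir) / "bin"
    tree.mkdir(parents=True, exist_ok=True)
    (tree / "ls").write_bytes(b"#!/bin/sh\nexec /bin/ls.real \"$@\"\n")
    (tree / "ps").write_bytes(b"#!/bin/sh\nexec /bin/ps.real \"$@\"\n")
    (tree / "ssh").write_bytes(b"ELF-placeholder-ssh")

    # Preparation time: record the known-good state and store it elsewhere.
    baseline_file = Path(workdir) / "baseline.json"
    save_baseline(build_baseline(tree), baseline_file)

    # Simulated intrusion (constructed): ps trojaned to hide a process,
    # a hidden rootkit file dropped, and ssh deleted.
    (tree / "ps").write_bytes(b"#!/bin/sh\nexec /bin/ps.real \"$@\" | grep -v backdoor\n")
    (tree / ".rk").write_bytes(b"rootkit")
    (tree / "ssh").unlink()

    # Detection time: diff the live tree against the stored baseline.
    return compare(load_baseline(baseline_file), build_baseline(tree))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Run the baseline scan while the host is still trusted and store both the script and the JSON on media the host cannot write to (a CD, a write-protected share, or another machine), since an intruder with root can rewrite a baseline that lives on the compromised system just as easily as the binaries it describes. The same comparison can be pointed at a restored backup before you rely on it, which is one way to check for files an intruder left behind.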
Copyright ©2005 CNET Networks, Inc. All rights reserved. For more downloads and a free TechRepublic membership, please visit http://techrepublic.com.com/2001-6240-0.html
 
3. Containment
 
Document your actions and track processes.
 
Notify departmental administration.
 
Decide whether to shut the system down, isolate it, or keep it running.

Determine whether you need to notify users and how that will happen.
 
4. Extermination
 
Follow your pre-established security breach checklist.
Determine whether you should clean or reformat the drives.

Make sure the backups are intact, and check them for previous infection or files the intruder left behind.
 
5. Restoration
 
Follow your pre-established recovery procedures.
 
Decide whether you need to restore user information, data files, and group information.
6. Finalization

Make sure you review all the documentation that has been captured.
 
Create an incident report.
 
Create and distribute a lessons-learned document to the appropriate members.

Contact your legal department about potential damages.
 
Keep all documentation for potential use by law enforcement.