P. 1
Computer forensics EC-Council V2-module4

Computer forensics EC-Council V2-module4

|Views: 101|Likes:
Published by agtpkustoms13
Csirt Handbook
Csirt Handbook

More info:

Published by: agtpkustoms13 on Oct 04, 2012
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

08/06/2013

pdf

text

original

Support Type

Description

Education/Training

This might range from issues like “Forming a new CSIRT” to technical tutorials to
understand the nature of incidents.

Out-of-Hours Coverage

While one CSIRT may only provide service during business hours, another fellow
CSIRT may take calls during other hours as part of a collaboration agreement. This is
particularly relevant if a team operates under the indirect control of a coordination
center.

Technical Expertise

To address technical questions and share this knowledge with other teams.

Cooperative Work

To address problems that are too difficult to solve with the resources of a single
team, two or more teams might come together and collaborate to seek the solution to
such a problem. This handbook is a good example of this kind of cooperation.

Other Opinions

While working on the solution to a particular problem, the members of the team
involved may be too close to the problem to view it objectively. To avoid the
negative impact that might arise in these instances, another team might be asked to
review and provide an opinion on the proposed solution before it is publicly
distributed. Existing CSIRTs have a long history of exchanging draft advisories and
often incorporate many suggestions before the final advisory is released.

Point of Contact to Other
Teams or Experts

Since a team might need a trusted contact for a specific site or network, they can ask
other teams whether they have an established contact or if they know somebody else
to ask. This also holds true for contacts to technical experts and vendors.

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->