Information Protection Center: Stage 1 - Active: Detection Phase
It is often difficult to determine whether an unusual or suspicious event is symptomatic of an incident, because apparent evidence of a security incident often indicates a problem with system configuration, an untested application program, a hardware failure or, frequently, user error.
Information Protection Center: Stage 1 - Active: Response Phase
This may involve working with the affected organization to determine the cause of the incident and help them to become secure again, or it may involve finding a solution to a vulnerability that is actively being exploited to compromise many organizational assets. Reactive response is always done on a priority basis and involves three stages (containment, eradication and recovery) followed by a post-incident analysis. Whatever is done must be consistent with security policies.
CIRT - Framework and Models
In this paper I will be discussing the significance of CIRT and the high-level framework of CIRT, and describing two standards for forming a CIRT. Comparing the two standards could be a topic for PhD research.