Présentation de l'éditeur
This book teaches readers what they need to know to not only set up an incident response effort, but also how to improve existing incident response efforts. The book provides a comprehensive approach to incident response, covering everything necessary to deal with all phases of incident response effectively ¿ spanning from pre-incident conditions and considerations to the end of an incident.
Although technical considerations, (e.g. the particular binaries in Unix and Linux and dynamically linked libraries in Windows NT and Windows 2000) that need to be inspected in case they are corrupted, the types of logging data available in major operating systems and how to interpret it to obtain information about incidents, how network attacks can be detected on the basis of information contained in packets, and so on ¿ the major focus of this book is on managerial and procedural matters. Incident Response advances the notion that without effective management, incident response cannot succeed.
Quatrième de couverture
The increasing complexity and diversity of systems, applications, and networks has made them more difficult to defend. As companies continue to experience losses due to security breaches, security professionals must take a new approach in protecting their assets. By using monitoring and detection measures with prompt intervention, you can reduce the magnitude of incidents. This book gives you the information you need to develop an effective incident response strategy. Providing specific security plans from internationally recognized experts on the topic, illustrated through case studies showing real-world application, Incident Response provides comprehensive coverage of all phases of incident response, from pre-incident conditions and considerations to post-incident analysis. Dr. E. Eugene Schultz and Russell Shumway (along wiht a contribution by Dr. Terry Gudaitis) teach you security principles that help you minimize information loss and system disruption.
