Incident Response: A Strategic Guide to Handling System and Network Security Bre
E. Eugene Schultz, Russell Shumway
售價: $1,320CISSP All-in-One Exam Guide, 5/e (Hardcover)
貴賓價: $665Information Warfare and Security
售價: $99Information Warfare: How to Survive Cyber Attacks
售價: $399Real World Linux Security: Intrusion Prevention, Detection and Recovery
售價: $990Linux System Security, 2/e
貴賓價: $336Nginx 高性能 Web 服務器詳解
This book teaches readers what they need to know to not only set up an incident response effort, but also how to improve existing incident response efforts. The book provides a comprehensive approach to incident response, covering everything necessary to deal with all phases of incident response effectively ¿ spanning from pre-incident conditions and considerations to the end of an incident.
Although technical considerations, (e.g. the particular binaries in Unix and
Linux and dynamically linked libraries in Windows NT and Windows 2000) that need
to be inspected in case they are corrupted, the types of logging data available
in major operating systems and how to interpret it to obtain information about
incidents, how network attacks can be detected on the basis of information
contained in packets, and so on ¿ the major focus of this book is on managerial
and procedural matters. Incident Response advances the notion that
without effective management, incident response cannot succeed.
Table of Contents
1. An Introduction to Incident Response.
2. Risk Analysis.
3. A Methodology for Incident Response.
4. Forming and Managing an Incident Response Team.
5. Organizing for Incident Response.
6. Tracing Network Attacks.
7. Legal Issues.
8. Forensics I.
9. Forensics II.
10. Responding to Insider Attacks.
11. The Human Side of Incident Response.
12. Traps and Deceptive Measures.
13. Future Directions in Incident Response.
Appendix A. RFC-2196.
Appendix B. Incident Response and Reporting Checklist.