Like this CertiGuide? Get it in PDF format!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Need more practice? 300 additional Security+ questions!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 3:  Infrastructure Security (Domain 3.0; 20%)
      9  3.4  Intrusion Detection
           9  3.4.4  Incident Response

Previous Topic/Section
3.4.4  Incident Response
Previous Page
Pages in Current Topic/Section
1
Next Page
Six-Step Incident Response Process
Next Topic/Section

Role of IDS in Incident Response

As seen above, sometimes part of that response is accomplished FOR you, by the IDS doing what it can to stop the attack, determine the extent of the damage, and safeguard the system or your network from further attacks by taking actions like shutting down services.

At other times, it’s up to you to get the email, page, or alert on your computer screen, and race into action. Do you immediately shut the attacker off? Or do you let them continue for a while, and try to determine the source of the attack so that you might have a better lead on who could be prosecuted later? (Take note: few prosecutions of this sort are successful.)

Do you yank your site’s Internet connection? All of these are potentially valid actions that the authors have seen network administrators take more than once.


Previous Topic/Section
3.4.4  Incident Response
Previous Page
Pages in Current Topic/Section
1
Next Page
Six-Step Incident Response Process
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.