Forensic course development: one year later
CITC5 '04 Proceedings of the 5th conference on Information technology education
An internet routing forensics framework for discovering rules of abnormal BGP events
ACM SIGCOMM Computer Communication Review
Security auditing course development
Proceedings of the 8th ACM SIGITE conference on Information technology education
Insiders behaving badly: addressing bad actors and their actions
IEEE Transactions on Information Forensics and Security
Interview: Network armies in a world without secrets
Network Security
Slammer lessons: The MS-SQL Slammer Worm
Network Security
Hi-index | 0.00 |
This book teaches readers what they need to know to not only set up an incident response effort, but also how to improve existing incident response efforts. The book provides a comprehensive approach to incident response, covering everything necessary to deal with all phases of incident response effectively ï戮驴 spanning from pre-incident conditions and considerations to the end of an incident.Although technical considerations, (e.g. the particular binaries in Unix and Linux and dynamically linked libraries in Windows NT and Windows 2000) that need to be inspected in case they are corrupted, the types of logging data available in major operating systems and how to interpret it to obtain information about incidents, how network attacks can be detected on the basis of information contained in packets, and so on ï戮驴 the major focus of this book is on managerial and procedural matters. Incident Response advances the notion that without effective management, incident response cannot succeed.