Describe the function of a computer incident response team (CIRT) and the steps that a CIRT should perform following a security incident
What will be an ideal response?
Answer: A CIRT is responsible for dealing with major security incidents and breaches. The team should include technical specialists and senior operations management. In response to a security incident, first the CIRT must recognize that a problem exists. Log analysis, intrusion detection systems can be used to detect problems and alert the CIRT. Second, the problem must be contained, perhaps by shutting down a server or curtailing traffic on the network. Third, the CIRT must focus on recovery. Corrupt programs may need to be reinstalled and data restored from backups. Finally, the CIRT must follow-up to discover how the incident occurred and to design corrective controls to prevent similar incidents in the future.
You might also like to view...
This statement reports the financial positions of a company at a point in time.
a. The income statement b. The balance sheet c. The statement of cash flows d. The statement of stockholders' equity
Simon owns a property. He may not destroy its value to future holders. After his death, the property will pass to Rachel. Which of the following interests in real property does Rachel have?
A) life estate B) future interest C) conditional estate D) fee simple absolute