Security Incident Reporting
Many companies define what to do when a security incident has occurred. However, in some businesses or in an incident that occurs on a home network, people are not always sure what to do. Following are the steps to take:
Step 1. Identify the issue. (See Table 18.14 for issues and best practices.)
TABLE 18.14 Incident reporting and actions
Step 2. Report the issue through the proper channels.
Step 3. Preserve the data/device by documenting the incident. Ensure your document includes everything. Any changes or moves, document that as well. Use a chain–of-custody form that travels with the data/device as more people ...
Get Complete CompTIA A+ Guide to IT Hardware and Software, Seventh Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
