19.1. Incident Response

The first part of any discussion about forensics should involve being proactive in developing an incident response plan. Incident response involves answering these basic questions: How will I, as a home user or IT administrator, deal with a break-in involving data theft? If someone broke into my file server tomorrow, copied all the data, and then reformatted my data volume, what would I do immediately following the break-in? Hopefully, after reading this chapter, you will have an incident response plan ready and some inexpensive digital forensics tools at your disposal.

It is important to be as proactive as you can, and one of the best steps you can take is to create a step-by-step plan to handle a violation of your security ...
