Summary

This chapter started by making a case for using an incident response methodology. Deploying this kind of methodology can impose structure and organization, result in greater efficiency, facilitate an understanding of the process of responding to incidents, enable those who use a methodology to better respond to unexpected events, and help in dealing with legal issues.

This chapter has presented the PDCERF methodology, one of several possible methodologies, but one that is time-proven and well accepted. The first stage is preparation for dealing with an incident. The second is detection—identifying that an incident has occurred or is occurring. The third is containment—limiting the potential that an incident will spread. The fourth ...
