SSCP® Systems Security Certified Practitioner All-in-One Exam Guide by Darril Gibson

Responding to Incidents

In the best of worlds, your risk management practices would prevent every incident. However, avoiding all incidents is highly unlikely, so organizations also plan how they will respond to incidents when they occur.

In the context of IT security, a security incident is any violation of policies or security practices that has the potential to result in an adverse event. NIST SP 800-61, Computer Security Incident Handling Guide, provides several definitions that are helpful in identifying incidents:

An event is any observable occurrence in a system or network.

Adverse events are events with a negative consequence, such as system crashes, network packet floods, unauthorized use of system privileges, unauthorized ...
