O'Reilly logo

System Forensics, Investigation, and Response by K Rudolph, John R. Vacca

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 13. Incident and Intrusion Response

SYSTEM FORENSICS HELPS REDUCE THE OCCURRENCE of security incidents. It also helps minimize the impact of incidents that do occur. A forensic analyst examines how an attack is perpetrated and then develops controls to prevent or mitigate that form of attack. For example, the early Secure Sockets Layer (SSL) protocol safeguarded Internet sessions. However, it was vulnerable to man-in-the-middle attacks. Forensic analyses led to changes in SSL to eliminate this vulnerability.

To prevent and mitigate security incidents, an organization must establish formal incident prevention and intrusion response plans. You write these formal plans using an analytical framework. They should include incident response protocols. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required