Handling Specific Incidents
The principles outlined in the previous section provide an excellent framework for handling all computer-security incidents. In this section, we examine specific steps that should be taken in response to certain types of incidents.
Web Server Attacks
Web server attacks usually take one of two forms: denial-of-service attacks or site defacement. Denial-of-service attacks aim to prevent Web users from accessing a site. Response teams can often blunt these attacks by having rapid response “hot sites” and DNS modification kits available to redirect Web traffic. When hackers launch site-defacement attacks, they replace legitimate Web content with content of their own choosing (often denigrating the target organization or ...
Get TICSA TruSecure™ ICSA Certified Security Associate Exam TU0-001 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
