If there is an incident and it’s identified as an attack, there are several things that can be done. The worst of course is the “lets close our eyes and maybe it will go away.” This happens more often than not. So with that said there are two ways to approach incident response: Reactive and Proactive. Either is better then nothing, but if you can set your organization up to incorporate both you have a plan that will carry you through the worst situations.A good reactive plan involves policies and training to identify what requires response, what should be done when an incident is identified, and the best course of action to take. A good proactive plan puts in place all of the necessary components towards identifying or stopping potential attacks before they are able to be completed.
Incident response is key when safeguarding data once an incident has occurred. If an incident is identified and personnel identifying it are able to respond appropriately, the ability to safeguard data and recover back to an operational state has increased. In some cases a properly developed incident response plan can prevent a small incident from becoming a catastrophe. Incident response is more than a group of people responding to an incident. A good response team is developed with a strong set of procedures in place to ensure each member knows their role and that the individual who identified the incident also knows the proper reporting procedures.
IT104MANILYN ELLICA
"manix'10" "january 5""
mailyne
About Me
- mellica
- I’m the kind of girl who doesn’t really care about my looks, the way I dress and the way I wear my shoes.People may destroy my image, stain my personality but they can’t take away my character because no matter what, I’m admired by people who really know me.
Tuesday, December 7, 2010
2.Some Characteristic of common computer criminals including their objectives?
Hacker-test limits of system and gain publicity.
Cracker-cause problems,steal data and corrupt system.
Insider-make money and disrupt company's information system.
Industrial spy-capture trade secrets and gain competitive advantage.
Cyber criminals-make money.
1.Why has there been a dramatic increase in the number of computer related security incidents in recent years?
IT Security Incidents:A worsening problem
.Security of Information technology is of utmost importance.
Protect confidential data
Protect against malicious acts of theft or disruption.
Must be balanced against other business needs and issues.
-Number of IT-related security incidents is increasing around the world.
-Computer Emergency Response Team Coordination Center.
Monday, December 6, 2010
How Firewalls Work
Inside this Article
firewall
A firewall is a set of related programs, located at a network gateway server, that protects the resources of a private network from users from other networks. (The term also implies the security policy that is used with the programs.) An enterprise with an intranet that allows its workers access to the wider Internet installs a firewall to prevent outsiders from accessing its own private data resources and for controlling what outside resources its own users have access to.
Basically, a firewall, working closely with arouter program, examines each network packet to determine whether to forward it toward its destination. A firewall also includes or works with a proxy server that makes network requests on behalf of workstation users. A firewall is often installed in a specially designated computer separate from the rest of the network so that no incoming request can get directly at private network resources.
There are a number of firewall screening methods. A simple one is to screen requests to make sure they come from acceptable (previously identified) domain name and Internet Protocol addresses. For mobile users, firewalls allow remote access in to the private network by the use of secure logon procedures and authentication certificates.
Basically, a firewall, working closely with a
There are a number of firewall screening methods. A simple one is to screen requests to make sure they come from acceptable (previously identified) domain name and Internet Protocol addresses. For mobile users, firewalls allow remote access in to the private network by the use of secure logon procedures and authentication certificates.
Subscribe to:
Posts (Atom)