Incident Response
Description
Are you ready for a computer "incident," such as a security breach? Incident Response shows you both the technical and administrative aspects of building an effective incident response plan. You'll learn about the different types of incidents and ways to respond to them, how to put together an incident response team, what procedures to use, what tools there are for investigating incidents, and where to find extensive online resources.
Table of Contents
  1. Chapter 1 What Is Incident Response?

    1. Real-Life Incidents

    2. What Is an Incident?

    3. About the Bad Guys

    4. What Is Incident Response?

    5. Risk Assessment and Incident Response

    6. Development of Incident Response Efforts

    7. Are You Ready? Are You Willing?

  2. Chapter 2 Incident Response Teams

    1. Who Should Do It?

    2. Public Resource Teams

    3. Internal Teams

    4. Commercial Teams

    5. Vendor Teams

    6. Ad Hoc Teams

    7. Forum of Incident Response and Security Teams (FIRST)

    8. Now Who Should Do It?

  3. Chapter 3 Planning the Incident Response Program

    1. Establishing the Incident Response Program

    2. Internal Versus External

    3. Types of Incidents

    4. Who Are the Clients?

    5. Summary

  4. Chapter 4 Mission and Capabilities

    1. Roles and Responsibilities

    2. Staffing and Training

    3. Involving the Critical Players

    4. List of Contacts

    5. Setting Up a Hotline

    6. Establishing Procedures

    7. Awareness and Advertising

    8. Fire Drills

    9. Issues and Pitfalls

  5. Chapter 5 State of the Hack

    1. The Moving Target

    2. Keeping Up with Attack Profiles

    3. Training

  6. Chapter 6 Incident Response Operations

    1. We've Been Hit -- Now What?

    2. Incident Response Processes

    3. While Under Pressure

  7. Chapter 7 Tools of the Trade

    1. What's Out There?

    2. Network-Based Tools

    3. Network Monitors and Protocol Analyzers

    4. Network-Based Intrusion Detection Systems

    5. Network Vulnerability Scanners

    6. Other Essential Network-Based Tools

    7. Host-Based Tools

    8. Communications

    9. Encryption

    10. Removable Storage Media

    11. The Incident Kit

    12. If We Ruled the World

  8. Chapter 8 Resources

    1. Security Information on the Web

    2. Incident Response Team Resources

    3. Commercial Incident Response Service Providers

    4. Antivirus Products

    5. Mailing Lists and Newsgroups

    6. U.S. Government Resources

    7. Training, Conferences, and Certification Programs

    8. Legal Resources

  1. Appendix A FIRST

    1. FIRST Statement of Mission and Strategic Goals

    2. FIRST Member Team Information

  2. Appendix B Sample Incident Report

    1. Incident Chronology

    2. Law Enforcement Coordination

    3. Damage Assessment

    4. Management Review

  3. Colophon

Product Details
Title: Incident Response
By: Kenneth R. van Wyk, Richard Forno
Publisher: O'Reilly Media
Formats: Print, Safari Books Online
Print Release: August 2001
Pages: 240
Print ISBN: 978-0-596-00130-8
ISBN 10: 0-596-00130-4
About the Authors
  1. Kenneth R. van Wyk

    Kenneth R. van Wyk is an internationally recognized information security expert and author of the O'Reilly Media books Incident Response and Secure Coding. In addition to providing consulting and training services through his company, KRvW Associates, LLC, he currently holds numerous positions: monthly columnist for the on-line security portal eSecurityPlanet and Visiting Scientist at Carnegie Mellon University's Software Engineering Institute.

    Ken has 20+ years of experience as an IT Security practitioner in the academic, military, and commercial sectors. He has held senior and executive technologist positions at Tekmark, Para-Protect, and Science Applications International Corporation (SAIC), in addition to the U.S. Department of Defense and Carnegie Mellon and Lehigh Universities.

    Ken also served a two-year elected position as a member of the Steering Committee, and a one-year elected position as the Chairman of the Steering Committee, for the Forum of Incident Response and Security Teams (FIRST) organization. At the Software Engineering Institute of Carnegie Mellon University, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds an engineering degree from Lehigh University and is a frequent speaker at technical conferences, and has presented papers and speeches for CSI, ISF, USENIX, FIRST, AusCERT, and others. Ken is also a CERT® Certified Computer Security Incident Handler.


  2. Richard Forno

    Richard Forno is a recognized security professional and coauthor of The Art of Information Warfare. He has held high-profile security positions at major companies and government organizations; he helped establish the first incident response team for the United States House of Representatives and provided advisory support to offices of the Department of Defense on information warfare. He is the cofounder of G2-Forward, a prominent information analysis and distribution service supporting the military intelligence and law enforcement communities. In 1998, he became the chief security officer for Network Solutions (the InterNIC), the company responsible for developing and operating the Internet Shared Registry System.


Colophon

Our look is the result of reader comments, our own experimentation, and feedback from distribution channels. Distinctive covers complement our distinctive approach to technical topics, breathing personality and life into potentially dry subjects. The image on the cover of Incident Response is a diver and shark. There are over 350 species of sharks, but only three are responsible for most attacks on swimmers and divers: the white shark (Carcharodon leucas), the tiger shark (Galeocerdo cuvier), and the bull shark (Carcharhinus leucas). Other species known to attack humans include the hammerhead, the shortfin mako, and certain reef sharks. In Florida, reports of shark attacks implicate the blacktip, spinner, and blacknose sharks. To avoid shark attacks, divers are advised to swim in groups and avoid the water at night, dawn, and dusk.

Sharks are the apex predator of the ocean, balancing the ecosystem by controlling the populations of other animals such as seals and pinnipeds. Sharks rely on sight, taste, smell, and sound to track prey in the water. They can sense electric and magnetic fields, and detect low frequency vibrations a mile or more away. Their teeth are constantly replaced, sometimes every eight days, and their bodies are a hydrodynamic torpedo shape. The smallest shark, the 6-inch cigar shark, lives 1,500 feet under the surface in the Atlantic, Indian, and western Pacific oceans. The largest shark is the 60-foot whale shark, which feeds on plankton. The average lifespan is 25 years, but some sharks live to be as much as 100 years old.

Colleen Gorman was the production editor and copyeditor for Incident Response. Mary Brady was the proofreader, and Nicole Arigo provided quality control. Molly Shangraw and Edie Shapiro provided production support. Ellen Troutman-Zaig wrote the index.

Ellie Volckhausen designed the cover of this book, based on a series design by Edie Freedman. The cover image is a 19th-century engraving from Dover's Men: A Pictorial Archive from 19th Century Sources. Emma Colby produced the cover layout with QuarkXPress 4.1 using Adobe's ITC Garamond font.

David Futato designed the interior layout based on a series design by Nancy Priest. Neil Walls converted the files from Microsoft Word to FrameMaker 5.5.6 using tools created by Mike Sierra. The text and heading fonts are ITC Garamond Light and Garamond Book; the code font is Constant Willison. The illustrations that appear in the book were produced by Robert Romano and Jessamyn Read using Macromedia FreeHand 9 and Adobe Photoshop 6. This colophon was written by Colleen Gorman.

Whenever possible, our books use a durable and flexible lay-flat binding. If the page count exceeds this binding's limit, perfect binding is used.
