Incident Response
Incident Response By Kenneth R. van Wyk, Richard Forno
August 2001
Pages: 234

| Table of Contents | Index | Sample Chapter | Colophon

Table of Contents

  1. Chapter 1 What Is Incident Response?

    1. Real-Life Incidents

    2. What Is an Incident?

    3. About the Bad Guys

    4. What Is Incident Response?

    5. Risk Assessment and Incident Response

    6. Development of Incident Response Efforts

    7. Are You Ready? Are You Willing?

  2. Chapter 2 Incident Response Teams

    1. Who Should Do It?

    2. Public Resource Teams

    3. Internal Teams

    4. Commercial Teams

    5. Vendor Teams

    6. Ad Hoc Teams

    7. Forum of Incident Response and Security Teams (FIRST)

    8. Now Who Should Do It?

  3. Chapter 3 Planning the Incident Response Program

    1. Establishing the Incident Response Program

    2. Internal Versus External

    3. Types of Incidents

    4. Who Are the Clients?

    5. Summary

  4. Chapter 4 Mission and Capabilities

    1. Roles and Responsibilities

    2. Staffing and Training

    3. Involving the Critical Players

    4. List of Contacts

    5. Setting Up a Hotline

    6. Establishing Procedures

    7. Awareness and Advertising

    8. Fire Drills

    9. Issues and Pitfalls

  5. Chapter 5 State of the Hack

    1. The Moving Target

    2. Keeping Up with Attack Profiles

    3. Training

  6. Chapter 6 Incident Response Operations

    1. We've Been Hit -- Now What?

    2. Incident Response Processes

    3. While Under Pressure

  7. Chapter 7 Tools of the Trade

    1. What's Out There?

    2. Network-Based Tools

    3. Network Monitors and Protocol Analyzers

    4. Network-Based Intrusion Detection Systems

    5. Network Vulnerability Scanners

    6. Other Essential Network-Based Tools

    7. Host-Based Tools

    8. Communications

    9. Encryption

    10. Removable Storage Media

    11. The Incident Kit

    12. If We Ruled the World

  8. Chapter 8 Resources

    1. Security Information on the Web

    2. Incident Response Team Resources

    3. Commercial Incident ResponseService Providers

    4. Antivirus Products

    5. Mailing Lists and Newsgroups

    6. U.S. Government Resources

    7. Training, Conferences, and Certification Programs

    8. Legal Resources

  1. Appendix A FIRST

    1. FIRST Statement of Mission and Strategic Goals

    2. FIRST Member Team Information

  2. Appendix B Sample Incident Report

    1. Incident Chronology

    2. Law Enforcement Coordination

    3. Damage Assessment

    4. Management Review

  3. Colophon

Return to Incident Response