Incident Response

by
  • ISBN13: 9780596001308
  • ISBN10: 0596001304
  • Format: Paperback
  • Copyright: 2001-08-01
  • Publisher: O'Reilly & Associates Inc
List Price: $34.95

Summary

The number of computer incidents is increasing rapidly. When an incident occurs, how do you know if it's an attack or a glitch in the system? Are you ready with a response plan? Will anyone in your organization be able to assess the possible damage? Incident Response guides you through both the technical and administrative details of effective response planning. You'll learn how to recognize an incident, write an incident-response plan, put together an incident-response team, investigate incidents, and find extensive online resources. The authors have years of experience developing and participating in response teams. Whatever your organization's size or purpose, Incident Response shows how to put in place an incident-response process that's as planned, efficient, and businesslike as any other IT operation in a mature organization. Incidents happen, and being able to respond to them effectively makes good business sense.

Author Biography

Kenneth R. van Wyk is an internationally recognized information security expert and author of the O'Reilly Media books Incident Response and Secure Coding. In addition to providing consulting and training services through his company, KRvW Associates, LLC, he currently holds numerous positions: monthly columnist for the on-line security portal eSecurityPlanet and Visiting Scientist at Carnegie Mellon University's Software Engineering Institute.

Ken has 20+ years of experience as an IT Security practitioner in the academic, military, and commercial sectors. He has held senior and executive technologist positions at Tekmark, Para-Protect, and Science Applications International Corporation (SAIC), in addition to the U.S. Department of Defense and Carnegie Mellon and Lehigh Universities.

Ken also served a two-year elected position as a member of the Steering Committee, and a one-year elected position as the Chairman of the Steering Committee, for the Forum of Incident Response and Security Teams (FIRST) organization. At the Software Engineering Institute of Carnegie Mellon University, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds an engineering degree from Lehigh University, is a frequent speaker at technical conferences, and has presented papers and speeches for CSI, ISF, USENIX, FIRST, AusCERT, and others. Ken is also a CERT® Certified Computer Security Incident Handler.

Richard Forno is a recognized security professional and coauthor of The Art of Information Warfare. He has held high-profile security positions at major companies and government organizations; he helped establish the first incident response team for the United States House of Representatives and provided advisory support to offices of the Department of Defense on information warfare. He is the cofounder of G2-Forward, a prominent information analysis and distribution service supporting the military intelligence and law enforcement communities. In 1998, he became the chief security officer for Network Solutions (the InterNIC), the company responsible for developing and operating the Internet Shared Registry System.

Table of Contents

Foreword
Preface
What Is Incident Response?
  • Real-Life Incidents
  • What Is an Incident?
  • About the Bad Guys
  • What Is Incident Response?
  • Risk Assessment and Incident Response
  • Development of Incident Response Efforts
  • Are You Ready? Are You Willing?
Incident Response Teams
  • Who Should Do It?
  • Public Resource Teams
  • Internal Teams
  • Commercial Teams
  • Vendor Teams
  • Ad Hoc Teams
  • Forum of Incident Response and Security Teams (FIRST)
  • Now Who Should Do It?
Planning the Incident Response Program
  • Establishing the Incident Response Program
  • Internal Versus External
  • Types of Incidents
  • Who Are the Clients?
  • Summary
Mission and Capabilities
  • Roles and Responsibilities
  • Staffing and Training
  • Involving the Critical Players
  • List of Contacts
  • Setting Up a Hotline
  • Establishing Procedures
  • Awareness and Advertising
  • Fire Drills
  • Issues and Pitfalls
State of the Hack
  • The Moving Target
  • Keeping Up with Attack Profiles
  • Training
Incident Response Operations
  • We've Been Hit---Now What?
  • Incident Response Processes
  • While Under Pressure
Tools of the Trade
  • What's Out There?
  • Network-Based Tools
  • Network Monitors and Protocol Analyzers
  • Network-Based Intrusion Detection Systems
  • Network Vulnerability Scanners
  • Other Essential Network-Based Tools
  • Host-Based Tools
  • Communications
  • Encryption
  • Removable Storage Media
  • The Incident Kit
  • If We Ruled the World
Resources
  • Security Information on the Web
  • Incident Response Team Resources
  • Commercial Incident Response Service Providers
  • Antivirus Products
  • Mailing Lists and Newsgroups
  • U.S. Government Resources
  • Training, Conferences, and Certification Programs
  • Legal Resources
A. First
B. Sample Incident Report
Index
