Incident Handling
In computer security terms iincident handling refers to a plan for dealing with and recovering from network or system intrusion security incidents. According to SANS, an incident handling plan should provide for:
- Incident preparation
- Incident identification
- Incident containment
- Incident eradication
- Incident recovery
- Determine lessons learned and fix weaknesses
|
|