In computer security terms iincident handling refers to a plan for dealing with and recovering from network or system intrusion security incidents. According to SANS, an incident handling plan should provide for: