1. | Incident response introduction | An introduction to Incident Response |
2. | Risk Analysis | About risk analysis, Types of security-related risks, Obtaining data about security-related incidents, Importance of risk analysis in incident response |
3. | Computer Security Incident Response Teams (CSIRTs) | Basic issue, Incident handling service, Team operation |
4. | A methodology for Incident Response | Rationale for using an incident response methodology, A six-stage methodology for incident response, Caveats |
5. | RFC 3227 and RFC 2350 | Guidelines for evidence collection and archiving, Exceptions for computer security incident response |
6. | Forming and Managing an incident response team | Incident response team, Issues in forming a response team, About managing an incident response effort |
7. | Organizing for incident response | Virtual teams-ensuring availability, Training the team, Testing the team, Barriers to success, External coordination, Managing incidents |
8. | Tracing Network Attacks | Tracing Network Attacks, Putting attack tracing in context, Tracing methods, Constructing an attack path, Final caveats |
9. | Legal Issues | U.S. Computer crime statutes, International statutes, Search, Seizure and monitoring, Policies, Liability |
10. | Forensics Ⅰ | Guiding principles, Forensics hardware, Forensics software, Acquiring evidence, Examination of the evidence |
11. | Forensics Ⅱ | Covert searches, Advanced searches, Encryption, Home use systems, UNIX and server forensics |