管理资料信息安全管理安全事故响应.ppt

* Incident Response Plan Whatever the variables involved in an attack, the incident response team as a whole applies the following key procedures as a guide to ensure a successful response: Evaluate the current state of the system, the extent of penetration/infection, the type of data at risk, the source or target of the attack, the resources that are known to be compromised, the resources that are suspected to be compromised, the impact on infrastructure, the cost of recovery, and other elements that define the scope of the problem. Establish the first course of action in a detailed response