Week-3_Incident Response.pptx

AmirMohamedNabilSale, 14 slides, Oct 25, 2025

Slide Content

CSEC 1001 Foundation of Computing and Cyber Security

Outline: Incident Response Planning; Incident Response lifecycle

Introduction to Incident Response Planning

Incident Management
An incident is an unplanned event that interrupts or reduces the quality of an IT service. Think of it as any situation where a system, application, or network component fails or is compromised, disrupting normal operations. An incident is an event that has actually or potentially compromised the confidentiality, integrity, or availability of an organization's information systems or data, or a violation of security policies and procedures.

Incident Management

Incident Management
- An incident is an unplanned interruption to an IT service, a reduction in the quality of an IT service, or the failure of a Configuration Item (CI).
- Incidents would not happen if we had infinite security budgets and infinitely capable security personnel. However, things can go wrong in spite of your best attempts; we call them incidents.
- It is important to develop standard procedures to respond to incidents, and to refine these procedures based on experience.

Incident Management
- ISO27002 Section 10 is all about incident management.
- You should use ISO27001 to build the foundations of information security in your organization and devise its framework.
- You should use ISO27002 to implement controls.
- It is a legal requirement for certain industries (e.g., banks, e-commerce, public institutions) and highly recommended for all organisations.

Types of Incidents: CIA-related incidents and other types of incidents
Reconnaissance attacks: this is when an attacker probes your network to find weaknesses (through port scanning and vulnerability scans). A common example is port scanning, where they check for open digital "doors" (ports). DSL and cable modem connections are more exposed than others because they are usually open.

Types of Incidents: CIA-related incidents and other types of incidents
Repudiation: an incident where someone performs an action and later denies having done it. For example, a user illegally transfers funds and then claims their account was hacked.
Harassment: using digital tools like email or instant messaging to bother, threaten, or embarrass someone.

Incident Response: Three Major Parts of the Cycle
- Incident Response
- Countermeasures
- Detection
Incident response: actions taken to deal with an incident to eliminate or minimize the impact.

Incident Response lifecycle: Preparation, Detection, Investigation, Remediation, Recovery, Containment

Incident Response Lifecycle
1) Preparation: This phase involves establishing and implementing policies, tools, and resources to handle incidents efficiently. It includes training, deploying detection and prevention technologies, and setting up incident response teams.
2) Detection: In this stage, the incident is identified. It involves monitoring systems for signs of security breaches or suspicious activities, like unauthorized access or malware.
3) Containment: Once an incident is detected, immediate actions are taken to limit its impact and prevent further damage. Containment strategies can be short-term (like isolating affected systems) or long-term (applying security patches or configurations).

Incident Response Lifecycle
4) Investigation: This phase involves gathering and analyzing data to understand the scope and nature of the incident, including how it happened, what systems were affected, and identifying the root cause.
5) Remediation: The goal here is to resolve the incident by eliminating the threat. This could involve removing malware and closing security vulnerabilities.
6) Recovery: Once the threat is neutralized, systems and services are restored to normal operations. This includes verifying that the incident is fully resolved and no residual issues remain.
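The Detection phase above, and the reconnaissance (port scanning) incident type from the earlier slide, can be made concrete with a small detector. The following is an added example and is not part of the lecture slides: it runs over constructed firewall and SSH log lines (RFC 5737 documentation addresses, invented timestamps), flags a source that probes many distinct ports in a short window and a source that fails many logins in a row, and writes each finding into a minimal incident record that names the current lifecycle phase and the containment step that would come next. The log formats, thresholds (`min_ports`, `threshold`, `window`) and record fields are assumptions chosen for the demonstration, not a real product's schema.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data (not from the slides). Addresses come from the
# RFC 5737 documentation ranges, so nothing here refers to a real host.
FIREWALL_LOG = """\
2025-10-25T09:00:01 DENY src=203.0.113.7 dst=192.0.2.10 dport=21
2025-10-25T09:00:01 DENY src=203.0.113.7 dst=192.0.2.10 dport=22
2025-10-25T09:00:02 DENY src=203.0.113.7 dst=192.0.2.10 dport=23
2025-10-25T09:00:02 DENY src=203.0.113.7 dst=192.0.2.10 dport=25
2025-10-25T09:00:03 DENY src=203.0.113.7 dst=192.0.2.10 dport=80
2025-10-25T09:00:03 DENY src=203.0.113.7 dst=192.0.2.10 dport=110
2025-10-25T09:00:04 DENY src=203.0.113.7 dst=192.0.2.10 dport=143
2025-10-25T09:00:04 DENY src=203.0.113.7 dst=192.0.2.10 dport=443
2025-10-25T09:00:05 DENY src=203.0.113.7 dst=192.0.2.10 dport=3389
2025-10-25T09:00:05 DENY src=203.0.113.7 dst=192.0.2.10 dport=8080
2025-10-25T09:03:10 ALLOW src=198.51.100.5 dst=192.0.2.10 dport=443
2025-10-25T09:03:11 ALLOW src=198.51.100.5 dst=192.0.2.10 dport=80
"""

AUTH_LOG = """\
2025-10-25T09:10:00 sshd: Failed password for admin from 203.0.113.9
2025-10-25T09:10:02 sshd: Failed password for admin from 203.0.113.9
2025-10-25T09:10:04 sshd: Failed password for root from 203.0.113.9
2025-10-25T09:10:06 sshd: Failed password for root from 203.0.113.9
2025-10-25T09:10:08 sshd: Failed password for backup from 203.0.113.9
2025-10-25T09:10:10 sshd: Accepted password for backup from 203.0.113.9
2025-10-25T09:15:00 sshd: Failed password for alice from 198.51.100.5
2025-10-25T09:15:30 sshd: Accepted password for alice from 198.51.100.5
"""

# Assumed (hypothetical) log formats for this example.
FW_RE = re.compile(r"^(\S+) (ALLOW|DENY) src=(\S+) dst=(\S+) dport=(\d+)$")
AUTH_RE = re.compile(r"^(\S+) sshd: (Failed|Accepted) password for (\S+) from (\S+)$")


def parse_firewall(text):
    """Return (timestamp, src, dport) for every well-formed firewall line."""
    events = []
    for line in text.splitlines():
        m = FW_RE.match(line)
        if m:
            events.append((datetime.fromisoformat(m.group(1)), m.group(3), int(m.group(5))))
    return events


def parse_auth(text):
    """Return (timestamp, src, user, success) for every well-formed sshd line."""
    events = []
    for line in text.splitlines():
        m = AUTH_RE.match(line)
        if m:
            events.append((datetime.fromisoformat(m.group(1)), m.group(4), m.group(3),
                           m.group(2) == "Accepted"))
    return events


def _by_source(events):
    """Group events by source address (index 1) and sort each group by time."""
    groups = defaultdict(list)
    for ev in events:
        groups[ev[1]].append(ev)
    for evs in groups.values():
        evs.sort(key=lambda e: e[0])
    return groups


def make_incident(kind, src, first_seen, last_seen, evidence, severity="medium"):
    """Minimal incident record: what was seen, and which lifecycle phase is next."""
    return {
        "kind": kind, "source": src, "first_seen": first_seen.isoformat(),
        "last_seen": last_seen.isoformat(), "evidence": evidence, "severity": severity,
        "phase": "Detection",
        "next_step": "Containment: block the source at the perimeter; isolate the target if compromised",
    }


def detect_port_scans(events, min_ports=8, window=timedelta(seconds=60)):
    """Flag a source that touches at least min_ports distinct ports within one window."""
    incidents = []
    for src, evs in _by_source(events).items():
        for i, (ts, _, _) in enumerate(evs):
            in_window = [e for e in evs[: i + 1] if ts - e[0] <= window]
            ports = {e[2] for e in in_window}
            if len(ports) >= min_ports:
                incidents.append(make_incident("reconnaissance/port-scan", src, in_window[0][0], ts,
                                               f"{len(ports)} distinct ports probed"))
                break  # one record per source; later hits belong to the same incident
    return incidents


def detect_brute_force(events, threshold=5, window=timedelta(seconds=60)):
    """Flag a source with threshold failed logins in one window; escalate if a login then succeeds."""
    incidents = []
    for src, evs in _by_source(events).items():
        fails = [e for e in evs if not e[3]]
        for i, (ts, _, _, _) in enumerate(fails):
            recent = [e for e in fails[: i + 1] if ts - e[0] <= window]
            if len(recent) >= threshold:
                succeeded = any(e[3] and e[0] >= ts for e in evs)  # success after the burst
                users = sorted({e[2] for e in recent})
                note = f"{len(recent)} failed logins for {users}" + (
                    ", then a successful login" if succeeded else "")
                incidents.append(make_incident("brute-force login", src, recent[0][0], ts, note,
                                               "high" if succeeded else "medium"))
                break
    return incidents


def triage(firewall_text=FIREWALL_LOG, auth_text=AUTH_LOG):
    """Run both detectors over the sample logs and return the incident records."""
    return detect_port_scans(parse_firewall(firewall_text)) + detect_brute_force(parse_auth(auth_text))


if __name__ == "__main__":
    for inc in triage():
        print(inc)
```

The record's `phase` and `next_step` fields are what hand the finding on to the Containment phase; the brute-force case is rated higher when a success follows the failures, because that is the point at which containment (isolating the affected host) rather than just blocking the source becomes the priority.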

Questions