deleting malicious files, terminating compromised accounts, or deleting other components. Some events do not require this step; however, it is important to fully understand the event before moving to this step. This will help to ensure that the threat is completely removed. [64]
Recovery
This stage is where the systems are restored back to original operation. This stage could include the recovery of data, changing user access information, or updating firewall rules or policies to prevent a breach in the future. Without executing this step, the system could still be vulnerable to future security threats. [64]
Lessons Learned
In this step, information that has been gathered during this process is used to make future decisions on security. This step is crucial to ensure that future events are prevented. Using this information to further train admins is critical to the process. This step can also be used to process information that is distributed from other entities who have experienced a security event. [65]