Stress that definite indicators are incident candidates of something that is happening or has happened. Better put,
Question:
Stress that definite indicators are incident candidates of something that is happening or has happened. Better put, they are clear signals.
Establish an understanding that the IR plan must be activated immediately in a situation like this, and the CSIRT must act.
Review the list of incident candidates that are red flags and are considered definite indicators of an actual incident:
Use of dormant accounts
Changes to logs
Presence of hacker tools (both physical and digital)
Notifications by a partner or peer
Notifications by a hacker
Fantastic news! We've Found the answer you've been seeking!
Step by Step Answer:
Related Book For
Principles Of Information Security
ISBN: 9780357506431
7th Edition
Authors: Michael E. Whitman, Herbert J. Mattord
Question Posted: