Incident Response Containment Strategy: [Essay Example], 588 words GradesFixer

This essay has been submitted by a student. This is not an example of the work written by professional essay writers.

Incident Response Containment Strategy

Steps to respond to the incident

Buffer overflow is a vulnerability that was first detected in the 1980s, when Robert Morris created a worm which infected ten percent of the internet in two days. The vulnerability deals with buffers, which are the smallest memory locations for programs that allow direct access to write and read memory (Foster, 2005). A buffer overflow occurs when the data to be stored in a particular buffer spills into the subsequent memory, overwriting what is stored there or causing excess data to be read. In our case, the incident response strategic decisions team has learnt about a potential worm that may compromise the safety of Microsoft IIS servers. Our team has to act fast, since the worm situation may get out of hand in a very short while and the effects may be disastrous.

First, the team has to confirm that the threat is real, meaning we should test to determine the vulnerability. While looking at the source code, our focus is on the areas that access, modify and use buffers. For example, areas where input is supplied by a user are a potential point for stack overflow, since they are easy to exploit (McGraw, 2004).

Code example:

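#include <stdio.h>

void askquestion(void) {
    char client_answer[4];   /* room for "yes" or "no" plus the terminating NUL */
    printf("Was this information helpful? Please answer yes or no: ");
    gets(client_answer);     /* unbounded read: longer input overflows client_answer */
}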


The code above asks the user a question and prompts for a yes or no answer. The user may input 'not-really', forcing the program to crash instead of displaying an error message and asking the question again.
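A bounded version of the prompt above, as an added example that is not part of the original essay: fgets replaces gets, overlong input such as 'not-really' is drained and rejected, and the question is asked again. The names read_answer, ask_question and ask_with_input and the 8-byte buffer are assumptions of this example, and the input strings are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Read one line from `in` into a fixed buffer without ever writing past it.
 * Returns 1 for "yes", 0 for "no", -1 for any other or overlong answer,
 * and -2 on end of input. */
int read_answer(FILE *in) {
    char client_answer[8];               /* "yes\n" and "no\n" fit with room to spare */
    if (fgets(client_answer, sizeof client_answer, in) == NULL)
        return -2;
    size_t len = strlen(client_answer);
    if (len > 0 && client_answer[len - 1] == '\n') {
        client_answer[len - 1] = '\0';   /* complete line: strip the newline */
    } else {
        /* No newline in the buffer: drain the rest of the line so the
         * leftover bytes are not misread as the next answer. */
        int c, extra = 0;
        while ((c = fgetc(in)) != '\n' && c != EOF)
            extra = 1;
        if (extra) return -1;            /* the line was longer than the buffer */
    }
    if (strcmp(client_answer, "yes") == 0) return 1;
    if (strcmp(client_answer, "no") == 0) return 0;
    return -1;
}

/* Ask until a valid answer arrives or the input ends (hypothetical helper). */
int ask_question(FILE *in, FILE *out) {
    for (;;) {
        fputs("Was this information helpful? Please answer yes or no: ", out);
        int r = read_answer(in);
        if (r != -1) return r;
        fputs("\nPlease answer yes or no.\n", out);
    }
}

/* Feed a constructed input string to ask_question through a temporary file. */
int ask_with_input(const char *input) {
    FILE *in = tmpfile();
    if (in == NULL) return -2;
    fputs(input, in);
    rewind(in);
    int r = ask_question(in, stderr);
    fclose(in);
    return r;
}

int main(void) {
    printf("%d\n", ask_with_input("not-really\nyes\n"));
    return 0;
}
```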

Process flow diagram to determine strategy to use.

Process flow diagram to determine when to relay information to upper management.

Upper management should be notified as soon as the suspicion is confirmed, since the potential threat could turn into a disaster within moments.

Incident recovery process

Types of disasters, response and recovery.

Stack attacks

The smallest unit of memory is a stack. The worm overloads the stack and tricks the program into opening malware that the attacker has saved elsewhere. The computer then executes what that code dictates.

Heap attacks

Heap attacks are associated with larger memory spaces, such as those used to store pictures and text. Such an attack is hard for the attacker to implement, since the heap has no direct access to executable code memory.

Arithmetic attacks

Arithmetic attacks come from the improper handling of signed and unsigned numbers in C.

Format attacks

When operating systems require automatic conversion of text strings from a small text format to a larger format, the code may be manipulated such that a buffer overflow is reached.

Mitigation techniques include:

Developing stronger apps in teams and utilizing recent programming languages such as Python and Java.

Updating security systems regularly.

Constantly checking for malware and for loopholes that hackers could use.

Techniques for different disasters.

Since we have successfully identified the problem, we now identify the best strategy to resolve it. Protection techniques can be categorized into:

Static: offers correction to the software with tools such as STOBO and RATS (Viega, 2003).

Dynamic: (hardware and software) monitors and protects data at the source or at the other end of an overflow.

Isolation: not executing in stack memory and limiting the space of a process (using SPEF and sandboxing).

Issues in disaster recovery

The main issue in disaster recovery is unpreparedness. Individuals and organizations should be prepared for disaster with backup storage in the cloud, while utilizing data duplication tools to reduce storage costs (Patterson, 2013).

Backup plans should be put in place, with the backups carried out in small chunks over short periods to ensure viability.

Cite this Essay

To export a reference to this article please select a referencing style below:

GradesFixer. (2019). Incident Response Containment Strategy. Retrieved from
GradesFixer. "Incident Response Containment Strategy." GradesFixer, 14 May. 2019,
GradesFixer, 2019. Incident Response Containment Strategy. [online] Available at: <> [Accessed 21 September 2020].
GradesFixer. Incident Response Containment Strategy [Internet]. GradesFixer; 2019 [cited 2019 May 14]. Available from: