Incident Response Containment Strategy


Published: Jun 6, 2019

Table of contents

  1. Steps to respond to the incident
  2. Types of disasters, response and recovery.
  3. Issues in disaster recovery

Steps to respond to the incident

Buffer overflow is a vulnerability that was first detected in the 1980s, when Robert Morris created a worm which infected ten percent of the internet in two days. The vulnerability deals with buffers, which are the smallest memory locations for programs that allow direct access to write and read memory (Foster, 2005). A buffer overflow occurs when the data to be stored in a particular buffer spills into subsequent memory, overwriting it or causing excess data to be read. In our case, the incident response strategic decisions team has learnt about a potential worm that may compromise the safety of Microsoft IIS servers. Our team has to act fast, since the worm situation may get out of hand in a very short while and the effects may be disastrous.

First, the team has to establish that the threat is real, meaning we should test to determine the vulnerability. While looking at the source code, our focus is on the areas that require buffer access, modification and use. For example, areas where input is supplied by a user are a potential point for stack overflow, since they are easy to exploit (McGraw, 2004).

Code example:

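#include <stdio.h>

/* Deliberately unsafe: gets() places no limit on how much input it stores. */
void askquestion(void) {
    char client_answer[4];   /* holds "yes" plus the terminating NUL, nothing longer */
    printf("Was this information helpful? Please answer yes or no:");
    gets(client_answer);     /* a longer answer is written past the end of the buffer */
}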


The code above asks the user a question and prompts for a yes or no answer. The user may input ‘not-really’, forcing the program to crash instead of displaying an error message and prompting the question again.
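A bounded-read counterpart to the routine above, added here as an example and not part of the original essay: it rejects an overlong answer and asks again instead of crashing. The names askquestion_safe, read_answer and answer_for_text are hypothetical, and the input fed to it is constructed.

```c
#include <stdio.h>
#include <string.h>

enum answer { ANSWER_EOF = -1, ANSWER_NO = 0, ANSWER_YES = 1, ANSWER_INVALID = 2 };

/* Read one line with fgets(), which never stores more than sizeof buf bytes. */
static enum answer read_answer(FILE *in) {
    char buf[8];
    int c, too_long = 0;
    if (fgets(buf, sizeof buf, in) == NULL) return ANSWER_EOF;
    size_t len = strcspn(buf, "\n");
    if (buf[len] != '\n')            /* no newline stored: discard the rest of the line */
        while ((c = fgetc(in)) != '\n' && c != EOF)
            too_long = 1;
    buf[len] = '\0';
    if (!too_long && strcmp(buf, "yes") == 0) return ANSWER_YES;
    if (!too_long && strcmp(buf, "no") == 0) return ANSWER_NO;
    return ANSWER_INVALID;
}

/* Ask until the answer is valid or input ends; *retries counts rejected answers. */
int askquestion_safe(FILE *in, FILE *out, int *retries) {
    *retries = 0;
    for (;;) {
        fputs("Was this information helpful? Please answer yes or no: ", out);
        enum answer a = read_answer(in);
        if (a != ANSWER_INVALID) return a;
        fputs("\nPlease answer yes or no.\n", out);
        ++*retries;
    }
}

/* Feed constructed text through a temporary file (stands in for the keyboard). */
int answer_for_text(const char *text, int *retries) {
    FILE *in = tmpfile();
    if (in == NULL) { *retries = 0; return ANSWER_EOF; }
    fputs(text, in);
    rewind(in);
    int result = askquestion_safe(in, stdout, retries);
    fclose(in);
    return result;
}

int main(void) {
    /* Constructed input: the overlong answer from the essay, then a valid one. */
    int retries, answer = answer_for_text("not-really\nyes\n", &retries);
    printf("\nanswer=%d after %d rejected attempt(s)\n", answer, retries);
    return 0;
}
```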

Process flow diagram to determine strategy to use.

Process flow diagram to determine when to relay information to upper management.

Upper management should be notified as soon as the suspicion is confirmed, since the potential threat could turn into a disaster within moments.

Incident recovery process

Types of disasters, response and recovery.

Stack attacks

The smallest unit of memory is a stack. The worm overloads the stack and tricks the program into opening malware saved elsewhere. The computer then executes what the code dictates.

Heap attacks

Heap attacks are associated with larger memory spaces, such as those used to store pictures and text. Such an attack is hard for the attacker to implement since the heap has no direct access to executable code memory.

Arithmetic attacks

Arithmetic attacks come from the improper handling of signed and unsigned numbers in C.

Format attacks

When operating systems require automatic conversion of text strings from a small text format to a larger format, the code may be manipulated such that a buffer overflow is reached.
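The signed and unsigned handling problem named under arithmetic attacks, shown as an added example that is not part of the original essay: a length check written on a signed int beside a corrected one. BUF_SIZE, the function names and the length value -1 are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 64

/* Flawed check: len is signed, so a negative value passes the upper bound. */
int length_ok_signed(int len) {
    return len <= BUF_SIZE;
}

/* The size a copy routine receives once that int is converted to size_t. */
size_t as_copy_size(int len) {
    return (size_t)len;
}

/* Corrected check: reject negatives first, then compare as unsigned. */
int length_ok_checked(int len) {
    return len >= 0 && (size_t)len <= BUF_SIZE;
}

/* Bounded copy built on the corrected check; returns bytes copied or -1. */
int copy_record(char dst[BUF_SIZE], const char *src, int len) {
    if (!length_ok_checked(len))
        return -1;
    memcpy(dst, src, (size_t)len);
    return len;
}

int main(void) {
    char dst[BUF_SIZE];
    int claimed = -1;   /* constructed length field */
    printf("signed check accepts %d: %d (copy size would be %zu)\n",
           claimed, length_ok_signed(claimed), as_copy_size(claimed));
    printf("checked copy returns %d\n", copy_record(dst, "hello", claimed));
    printf("checked copy of 5 bytes returns %d\n", copy_record(dst, "hello", 5));
    return 0;
}
```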

Mitigation techniques include:

Developing stronger apps in teams and utilizing recent programming languages such as Python and Java.

Updating security systems regularly.

Constantly checking for malware and loopholes for hackers.

Techniques for different disasters.

Since we have successfully identified the problem, we identify the best strategy to resolve it. Protection techniques can be categorized into:

Static: offers correction to the software with tools such as STOBO and RATS (Viega, 2003).

Dynamic: hardware and software monitor and protect data at the source or the other end of an overflow.

Isolation: not executing in stack memory and limiting the space of a process (using SPEF and sandboxing).

Issues in disaster recovery

The main issue in disaster recovery is unpreparedness. Individuals and organizations should be prepared for disaster with backup storage in the cloud, while utilizing data duplication tools to reduce storage costs (Patterson, 2013).

Backup plans should be put in place, carrying out the backups in small chunks over short periods to ensure viability.

This essay was reviewed by
Alex Wood

Cite this Essay

Incident Response Containment Strategy. (2019, May 14). GradesFixer. Retrieved June 21, 2024, from