450+ experts on 30 subjects ready to help you just now
Starting from 3 hours delivery
Remember! This is just a sample.
You can get your custom paper by one of our expert writers.Get custom essay
121 writers online
An incident is any event in an information system or network where the results are abnormal . It can also be considered as a situation that differs from normal routine operations. There are numerous reasons can lead to an incident. However, according to the significance, the results can be classified into three classes, generally, which are low-impact incident, moderate-risk incident, and high-level risk exposure incident. When incidents occur, certain steps will be performed by an organization to deal with the abnormal results. These steps are also known as the incident response process.
The level of response is determined by, primarily, information criticality and business decision as well. The goals of an incident response process can be summarized as following: to confirm and fix incident; to protect and secure the evidence; to mitigate its influence; to provide reports or recommendations, etc. How will the incident response be performed in practice, will be related to hardware/software architectures, budget, manpower, resources, and commitment, etc. When suspected incident is discovered and characterized, initial response kicks in. As a cyber first responder, it’s your responsibility to do as much as possible to mitigate the damage or loss of evidence, since evidence can be tampered with or destroyed as time passes; and all evidences ought to be collected forensically and protected properly. As an indispensable step in incident initial response, protecting and securing evidences play an important role in incident response process. First of all, the suspect need to be removed from company mail domain and network domain. The system administrator will cancel all his/her access to any systems and resources. Deactivate and reset all passwords this suspect used before. His/her access to data storage is also revoked. Secondly, a full backup need to be performed of each disk configured on the laptop in case of any security issue arises. The backup need to be encrypted. All emails and internet browser history are required to be encrypted and backed up as well, so that unwanted person has no access to this information. Then, disable any wired and wireless internet connection to avoid remote controlling. LAN access is allowed. A recovery is also necessary to restore destroyed or lost data. And run antiviruses software to remove any potential malware. Booting from CD or USB will be disabled, which avoids the damage of the evidence due to booting.
Meanwhile, the laptop’s hardware need to be encrypted to prevent from unwanted accessing and damaging of the data. The laptop need to be investigated thoroughly. After all the security checks and protection action implementation, evidence will be transport to organization, where physical security of the evidence laptop is also necessary. It is important to safeguard evidence from tampering and extremes in temperature, humidity, magnetic fields, and vibration. In practical, put the laptop in static-free bag with foam packing material and then store it in cardboard box. All evidence should be properly stored in an evidence room with restricted access, entry-logging capability, and camera monitoring. By using of all the methods mentioned above, the evidence will not be manipulated or damaged by any means. A proper securing and protecting of the evidence can by easily achieved.
We provide you with original essay samples, perfect formatting and styling
To export a reference to this article please select a referencing style below:
Where do you want us to send this sample?
Be careful. This essay is not unique
This essay was donated by a student and is likely to have been used and submitted before
Download this Sample
Free samples may contain mistakes and not unique parts
Sorry, we could not paraphrase this essay. Our professional writers can rewrite it and get you a unique paper.
Please check your inbox.
We can write you a custom essay that will follow your exact instructions and meet the deadlines. Let's fix your grades together!
Are you interested in getting a customized paper?Check it out!