Summary: Computer Security Incident Response Team

Decent Essays

Now that we have discussed how to protect against malware and other numerous threats it is just as equally important that a good plan is in place when systems or network in general become compromised. First at foremost if you think a compromise or incident has occurred the affected systems must be taken offline immediately, this is going to reduce any further compromise. Next I would highly recommend notifying the Computer Security Incident Response Team (CSIRT), a CSIRT team is an organization that receives security incident reports and providing a detailed analysis on the said report then relays that information to the sender. A CSIRT will provide 24/7 service to any user, service, company, or organization. The great thing about CSIRT is …show more content…

CSIRT also provide various other functions to include internet abuse, computer forensics, virus response, disaster recovery, intrusion detection system solutions and incident handling among many others. CSIRT also provides an investigation into the incident determining root cause, findings, lessons learned and actions to be taken against this incident. CSIRT can be great for eradicating the root cause and moving on with business, prior to an incident though it is important to have a solid backup and restore plan in place in case data is compromised or stolen. There are several ways to backup and restore a Windows machine but I will only be discussing those tools and techniques. Windows itself houses several tools used as backups to include file backup which is going to allow users that ability to make copies of data files for all users on that computer, this is done either by letting Windows pick the files or they can be selected individually as folders, drives, etc. These backups will be created based on the schedule created. A Windows tool to restore your computer is simply called system restore which I am quite familiar with because I have used it quite often. This tool allows the computer to restore files to an earlier point in

Get Access