Incident Response Process

by / On November 8, 2020 / In APA (edition "APA 6"), Computer science

Research a publicized security incident, such as one of the recent Sony incidents, and apply it to each step in the IR process. Some of this data may be available through research, but if not, outline how you would respond and what you think some of the outcomes may have been.

The SANS Incident Response Process prepares industry professionals for the unfortunate day that a security incident occurs. To help incident responders, SANS has outlined response into six phases:

Preparation (proactive)
Identification (reactive)
Containment (reactive)
Eradication (reactive)
Remediation (reactive)
Lessons Learned (proactive)

Here is a website of recent online attacks.