Appropriate Response: More Questions Than Answers

by Chris Loomis
Sept. 24, 2017 0 comments Symantec Detection & Response incident handling

So, just how far should security administrators go to protect their systems? What is an appropriate response to a detected security incident? Ask ten security professionals that question and you will most likely get ten different answers. Ask them more specific questions – such as, how do you handle active intrusions? Denial of service attacks? Probes? - and eventually you will be able to piece together their response set, a collection of reactions tailored to particular attacks or threats.