Intrusion detection checklist: Six stages of handling attacks

Equipping your organization to deal with system intrusions requires a many-faceted approach. This checklist is designed to help you address the key aspects of preparation, detection, containment, extermination, restoration, and finalization. The process begins with essential preemptive steps, such as changing default configurations and ensuring that all team members understand their roles in the event of a security breach. From there, the list works through best practices for response and recovery, including documentation for follow-up or legal action, communicating with departmental administration, and restoring necessary data files and group and user information.

Join the discussion of this download.