- This title is eligible for Amazon Fall Textbook promotions. Get unlimited free Two-Day Shipping for three months with a free trial of Amazon Prime. Add $100 worth of eligible textbooks to your cart to qualify. Sign up at checkout. New members only. Here's how (restrictions apply)
Join Amazon Prime and ship Two-Day for free and Overnight for $3.99. Already a member? Sign in.
Special Offers and Product Promotions
Better Together
Customers Who Bought This Item Also Bought
Incident Response: Computer Forensics Toolkit by Douglas Schweitzer  (9)
$38.25
|
The Effective Incident Response Team by Julie Lucas  (5)
|
Security Metrics: Replacing Fear, Uncertainty, and Doubt by Andrew Jaquith (19)
$29.99
|
EnCase Computer Forensics, includes DVD: The Official EnCE: EnCase Certified Examiner Study Guide by Steve Bunting (16)
$41.99
|
Writing Information Security Policies (Landmark) by Scott Barman (11)
$29.74
|
Editorial Reviews
Amazon.com
Incident Response fills a need that's existed in the security book market for some time. The authors--a pair of accomplished incident response experts, not merely researchers--have converted to book form their accumulated wisdom on the question of how to respond to an attack on computer systems. Their expertise is only partly technical; much of what Eugene Schultz and Russell Shumway have written has to do with legal questions and policy decisions. It's a reasonable balance, considering that the state of the art in network intrusion (and defense against it) changes frequently and security administrators are better armed with concepts and strategies than with "click this, type that" instructions. The explicit technical material that does appear here is nicely balanced between Windows and Unix systems, and clearly explains networking details of interest to security people and their managers. The explanation of how a spanning port can make a switch work like a hub for purposes of packet monitoring--nearly entirely prose--is one example of high-quality technical coverage that will remain valuable as operating systems and other network details change over time.
See all Editorial Reviews
Incident Response fills a need that's existed in the security book market for some time. The authors--a pair of accomplished incident response experts, not merely researchers--have converted to book form their accumulated wisdom on the question of how to respond to an attack on computer systems. Their expertise is only partly technical; much of what Eugene Schultz and Russell Shumway have written has to do with legal questions and policy decisions. It's a reasonable balance, considering that the state of the art in network intrusion (and defense against it) changes frequently and security administrators are better armed with concepts and strategies than with "click this, type that" instructions. The explicit technical material that does appear here is nicely balanced between Windows and Unix systems, and clearly explains networking details of interest to security people and their managers. The explanation of how a spanning port can make a switch work like a hub for purposes of packet monitoring--nearly entirely prose--is one example of high-quality technical coverage that will remain valuable as operating systems and other network details change over time.
Unlike many books about computers, this one deserves to be read cover to cover. The authors have points to make, and they generally build on their earlier thoughts as they go. Some material in these pages seems somewhat obvious--the advice to dress nicely for a media interview, for example--but it all fits with the authors' goal of showing their readers how to react (in all respects) to security problems when they happen. Read this, be prepared for trouble, and know how to educate others about incident response. --David Wall
Topics covered: How an organization should react--organizationally, technically, legally, and in terms of public relations--to incidents of unauthorized access (originating both internally and externally) to its computer systems.
Product Description
This book teaches readers what they need to know to not only set up an incident response effort, but also how to improve existing incident response efforts. The book provides a comprehensive approach to incident response, covering everything necessary to deal with all phases of incident response effectively ¿ spanning from pre-incident conditions and considerations to the end of an incident.
Although technical considerations, (e.g. the particular binaries in Unix and Linux and dynamically linked libraries in Windows NT and Windows 2000) that need to be inspected in case they are corrupted, the types of logging data available in major operating systems and how to interpret it to obtain information about incidents, how network attacks can be detected on the basis of information contained in packets, and so on ¿ the major focus of this book is on managerial and procedural matters. Incident Response advances the notion that without effective management, incident response cannot succeed.
See all Editorial Reviews
Product Details
|