Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Thay vào đó, họ dựa vào ngân hàng thành viên của họ để thiết lập các đường dây và thiết lập các điều khoản cho tín dụng tiêu dùng và thẻ ghi nợ trong phạm vi portfolios.They riêng của họ cũng dựa vào các ngân hàng để cung cấp các dịch vụ | 526 Chapter 10 Incident Response Forensics and the Law Even companies with small IT departments will usually have a network person and a systems administrator if not more than one of each. You ll likely need to involve them.You ll probably need a representative from your Legal department or attorney s office. A system administrator or a dedicated security engineer can handle the forensics work. Finally you ll need a dedicated security function that will form the core of the team and tie it together. This may be a dedicated person or perhaps a portion of a person s time but the responsibility must belong to one or more individuals. The core person s responsibility will be to call meetings make sure representation is present from all concerned organizations coordinate writing policy and getting agreement on policy arrange for training as needed and drive actual incident response when the occasion arises. It may be obvious but it s worth mentioning Someone will need to be on call at all times to handle any incidents that arise. Hopefully you will have enough team members that this duty can be rotated. This also implies that there is some mechanism to detect an incident whether it s an IDS or an e-mail address that people can use to report issues as they arise. Setting the Prosecution Boundaries At some point during an incident a decision must be made as to whether you wish to pursue legal or civil action or even just report the incident to a provider or third-party organization. This is not a trivial decision. Pursuing legal action is expensive and you must consider what you will get out of it. Attackers Crossing the Line The first line you have to draw is the line between attempt and incident. It doesn t matter who you are whether you re tiny or huge you will get attempts to penetrate your site. Some of these attempts will be downright useless or idiotic in fact most of them will be. This includes things like trying NT exploits against a Unix Web server or trying to
