Baselines and Incident Handling

Abstract
The purpose of this paper is to explain why establishing baselines is an important part of incident handling and how baselines can be a useful tool for an incident handler during the incident handling process. Examples will be given of how to establish baselines on various types of systems and network equipment. Demonstrations will also show what to look for when using baselines to identify whether an incident has occurred.