Security Incident Response steps are the organized response to the handling of the consequences of an intrusion or an attack. These steps are necessary to mitigate and prevent serious security incidents, and help protect valuable information. Security Incident Response steps include:
Preparation: The organization trains the user and IT staff to promote awareness of updated security measures and to train for a quick and accurate response to computer-and network-related security events.
Recognition: The Response Team is activated and decides whether a particular event actually constitutes a security incident. The team may contact the CERT Coordination Center, which ...