Cyber Security Awareness Month - Daily Topics

Cyber Security Awareness Month - Daily Topics
October is Cyber Security Awareness Month and this year the SANS Internet Storm Center is going to offer daily tips on each of the six steps of incident handling areas according to the following schedule: Preparation: October 1-4 Identification: October 5-11 Containment: October 12-18 Eradication: October 19-25 Recovery: October 26-31 Lessons Learned: November 1-3 Below is the list of topics by week and day that we will use in October. As you can see, the first week focuses on tips for getting getting prepared. Subsequent weeks focus on the remaining steps. We need your help beginning this week and continuing through the month of October. If you would like to submit a tip, please use our contact form and be sure to put something in the subject like "Security Tip, day 15" to make it easier for us to sort them. Keep your tips brief and to the point, also remember that the audience is broad, including end users, sysadmins, and managers. 1. Preparation 1 Policies, Management Support, and User Awareness 2 Building a Response Team 3 Building Checklists 4 What Goes Into a Response Kit 2. Identification 5 Events versus Incidents 6 Network-based Intrusion Detection Systems 7 Host-based Intrusion Detection Systems 8 Global Incident Awareness 9 Log and Audit Analysis 10 Using Your Help Desk to Identify Security Incidents 11 Other Methods of Identifying an Incident 3. Containment 12 Gathering Evidence That Can be Used in Court 13 Containment on Production Systems Such as a Web Server 14 Containing a Personal IdentityTheft Incident 15 Containing the Damage From a Lost or Stolen Laptop 16 Containing a Malware Outbreak 17 Containing a DNS Hijacking 18 Containing Other Incidents 4. Eradication 19 Forensic Analysis Tools - What Happened? 20 Eradicating a Rootkit 21 Removing Bots, Keyloggers, and Spyware 22 Wiping Disks and Media 23 Turning off Unused Services 24 Cleaning Email Servers and Clients 25 Finding and Removing Hidden Files and Directories 5. Recovery 26 Restoring Systems From Backups 27 Validation via Vulnerability Scanning 28 Avoiding Finger Pointing and the Blame Game 29 Should I Switch Software Vendors? 30 Applying Patches and Updates 31 Legal Awareness (Regulatory, Statutory, etc.) 6. Lessons Learned (November) 1 What Should I Make Public? 2 Working With Management to Improve Processes 3 Feeding The Lessons Learned Back to the Preparation Phase Marcus H. Sachs Director, SANS Internet Storm Center	Marcus 301 Posts ISC Handler
Reply Subscribe	Sep 30th 2008 1 decade ago