Describe the role of incident first responders, and discuss some factors that should be addressed with first responders.
What will be an ideal response?
ANSWER: Typically, CSPs have personnel trained to respond to network incidents, such as system and network administrators who handle normal support services for the cloud. When a network intrusion occurs, they become first responders to the incident. If a CSP doesn’t have an internal first responder team, the forensics examiner should organize CSP staff to handle these tasks. Some factors to address include the following:
• Will the CSP’s operations staff be cooperative and follow directions, and will management issue orders stating that you’re the leader of the investigation?
• Do you need to brief staff about operations security? For example, you might need to explain that they should talk only to others who have a need to know about the incident and the investigation’s activities.
• Do you need to train staff in evidence collection procedures, including the chain of custody?
You might also like to view...
The Secure Hash Algorithm design closely models, and is based on, the hash function __________ .
A. MD5 B. FIPS 180 C. RFC 4634 D. MD4
COGNITIVE ASSESSMENT Which of the following terms is used to describe a program that copies itself repeatedly, using up resources and possibly shutting down the computer or network?
A. a virus B. a worm C. a Trojan horse D. a rootkit
Which of the following documents would look best in landscape orientation?
A) A certificate B) A letter C) A memo D) A resume
What is the Preboot Execution Environment (PXE)?
What will be an ideal response?