February 11, 2009 at 5:35 pm #3352unsupportedParticipant
I was planning on going for GCIH, but our companies budget hadn’t gone through, so I moved to my backup plan for CEH. I still want to get a grasp on IR doing self-study with hopes of getting my company to send me to GCIH training. I wanted to start reading Counter Hack Reloaded, but wanted to know what other recommendations everyone has for IR.
February 11, 2009 at 6:22 pm #22159JhaddixParticipant
I would start by looking at the free resources here:
And Security Focus has some good (a little old) whitepapers too:
As for a book, other than GCIH books i only own:
Incident Response: A Strategic Guide to Handling System and Network Security Breaches
Which is a classic imo
February 11, 2009 at 9:29 pm #22160jasonParticipant
Some of these are getting a bit long in the tooth now…
February 12, 2009 at 1:38 am #22161JhaddixParticipant
Also I hear good things about
Incident Response and Computer Forensics, Second Edition
By Chris Prosise, Kevin Mandia, Matt Pepe
and its on EH’s Chris Gates book wishlist =)
February 13, 2009 at 10:35 am #22162XenParticipant
The links by Jhaddix and Jason pretty much covers it all and I think would be sufficient to help you get a good grasp of the subject.
In case you want some reviews of the books you should go for I suggest reading this article by Tony Bradley. Perhaps these would be enough to give you a nice start.
February 14, 2009 at 8:03 pm #22163timmedinParticipant
NIST has lots of great papers on this (and other) subjects. NIST 800-61 is a great resource. I especially found the example scenarios helpful since it will allow you to go through some example situations before (hopefully) one actually happens.
- You must be logged in to reply to this topic.