Computer security incident management: Difference between revisions

+see alsos, -'''
Line 9:
}}</ref>
 
Incident management requires a process and a response team which follows this process. This definition of computer security incident management follows the standards and definitions described in the National Incident Management System (NIMS). The [[Computer security incident management#Definitions|'''''incident coordinator''''']] manages the response to an emergency security incident. In a Natural Disaster or other event requiring response from Emergency services, the ''incident coordinator'' would act as a liaison to the emergency services incident manager.<ref>{{cite web
|title=NIMS - The Incident Command System
|work=National Incident Management System
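Review bot: the edit summary says ''' was removed, but the first mention in the line 9 paragraph is still '''''incident coordinator''''' (bold italic inside the section self-link) while the later mention is plain italic ''incident coordinator''; pick one style for both, for example italic. In the same paragraph, "Natural Disaster" and "Emergency services" are capitalized mid-sentence while "emergency services incident manager" is not; lowercase them for consistency.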
Line 111:
'''Clean'''- Run a virus scan to remove the virus or wipe the computer clean and reimage the machine.
'''Reverse Engineering'''- Use computer forensics tools to understand why the malicious traffic occurred in the first place. Once the incident is completely understood make plans to decrease your future risk.
 
==See also==
* [[Computer emergency response team]]
* [[Proactive cyber defence]]
 
== References ==
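Review bot: the ==See also== heading has no spaces inside the equals signs while the heading right after it is written == References ==; use one spacing style for both. The step labels above it still use bold as pseudo-headings ('''Clean'''- and '''Reverse Engineering'''-) with no space before the hyphen, which is worth tidying given the summary's -'''. Separately, Clean (wipe and reimage) is listed before Reverse Engineering (forensic analysis); a wipe removes what the forensics step would examine, so the text should say that evidence is preserved before the machine is reimaged.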