-
作者卡巴斯基 Kaspersky
-
简介
- About this guide
- Terms and definitions
- Incident Response Basics
- Attack lifecycle (kill chain)
- Incident response steps
- Recommended IR process and rules
- Preparation
- Identification
- Incident triggers
- Prioritization guidelines
- Analyzing incidents in SIEM
- Containment
- Eradication
- Recovery
- Lessons learned
- Incident response example
- The attack plan
- The incident response
- Preparation (example)
- Identification (example)
- Containment (example)
- Eradication and Recovery (example)
- Lessons learned (example)
- Recommended tools and utilities
- Tools for collecting IOC
- Sysinternals utilities
- Tools for creating dumps
- GRR Rapid Response
- Forensic Toolkit
- dd utility
- Belkasoft RAM Capturer
- Tools for analysis
- Kaspersky Threat Intelligence Portal
- Tools for analyzing memory dumps
- Tools for analyzing hard disk dumps
- Strings utility
- Tools for eradication
- Kaspersky Virus Removal Tool
- Kaspersky Rescue Disk
- Tools for collecting IOC
- AO Kaspersky Lab
- Trademark notices
- About this guide
-
援引http://m.bobao.360.cn/learning/detail/4330.html
-
提示本站仅做资料的整理和索引,转载引用请注明出处
相关推荐
-
2020-10-29 07:36:42.110048
-
2018-09-18 02:37:38
-
2017-11-27 13:33:26
-
2019-01-22 05:13:22