Visually Assessing Possible Courses of Action for a Computer Network Incursion

When a computer is compromised a standard incident handling process is followed to mitigate damage, expunge the attack, and recover the system. In order to prevent possible spread of an attack, the incident handler will try to isolate the victimized system. Isolation may involve disabling the asset...
Grant Vandenberghe
June 15, 2007

All papers are copyrighted. No re-posting of papers is permitted