X hits on this document

Powerpoint document

HHS Cybersecurity Program Training Information Security for Information Technology (IT) Administrato... - page 91 / 158

360 views

0 shares

0 downloads

0 comments

91 / 158

U.S. Department of Health and Human Services

Detecting potential security incidents may be difficult since many initially evade recognition by the sole use of monitoring tools. Knowing how a system usually behaves and learning which symptoms can indicate potential incidents is a way to recognize when you should investigate.

Correlation and analysis of events may help to identify potential incidents that may have been overlooked, which could become a more serious problem. Early awareness of potential incidents can stop damage, disclosure, and other harmful effects before they happen.

Incident detection and analysis may take several individuals reviewing activity before it is realized that an incident has occurred.

Within HHS, users should report all suspected computer security incidents to their local OPDIV Computer Security Incident Response Team (CSIRT) or Help Desk.

For more information on incident reporting, please visit: http://intranet.hhs.gov/it/cybersecurity/hhs_csirc/index.html,

Page 4 of 12

Operations and Maintenance Phase

Detecting and Analyzing Incidents

Document info
Document views360
Page views360
Page last viewedSun Dec 04 04:53:57 UTC 2016
Pages158
Paragraphs2058
Words16945

Comments