|
|
ROLES & FUNCTIONS
Roles
Reactive
- Provide a single point of contact for reporting local problems.
- Assist the organisational constituency and general computing community in preventing and handling computer security incidents.
- Share information and lessons learned with CERT/CC, other CERTs, response teams, organisations and sites.
- Incident Response.
- Provide a 24 x 7 security service.
- Offer recovery procedures.
- Artifact analysis
- Incident tracing
Proactive
- Issue security guidelines, advisories and timely advise.
- Vulnerability analysis and response
- Risk Analysis
- Collaboration with vendors
- National Repository of, and a referral agency for, cyber-intrusions.
- Profiling attackers.
- Conduct Training
- Interact with vendors and others at large to investigate and provide solutions for incidents.
Functions
Reporting
- Central point for reporting incidents
- Database of incidents
Analysis
- Analysis of trends and patterns of intruder activity
- Develop preventive strategies for the whole constituency
- In-depth look at an incident report or an incident activity to determine the scope, priority and threat of the incident.
Response
- Incident response is a process devoted to restoring affected systems to operation
- Send out recommendations for recovery from, and containment of damage caused by the incidents.
- Help the System Administrators take follow up action to prevent recurrence of similar incidents
|
"Install genuine and updated software
to strengthen your online safety and security" |
|
|
|
|
|
|
|