Visually Assessing Possible Courses of Action for a Computer Network Incursion
When a computer is compromised a standard incident handling process is followed to mitigate damage, expunge the attack, and recover the system. In order to prevent possible spread of an attack, the incident handler will try to isolate the victimized system. Isolation may involve disabling the asset...