Home

ENISA: la guida per costituire un CERT

Inserito da Redazione il Mer, 2006-10-18 07:00 ENISA | Ottobre 2006 | Security
061018-enisa-cert ENISA ha realizzato la prima guida per la costituzione di un CERT (Computer Emergency Response Team). Si tratta di un booklet/CD-ROM (pdf, 3M) che comprende case study, prove ed un completo project plan.
Contemporaneamente è stato aggiornato il censimento dei CERT europei che alla data risultano 112.

Indice del documento

  1. Management Summary
  2. Legal Notice
  3. Acknowledgements
  4. 4 Introduction
    • 4.1 Target Audience
    • 4.2 How to use this document
    • 4.3 Conventions used in this document
  5. Overall strategy for planning and setting up a CSIRT
    • 5.1 What is a csirt
    • 5.2 Possible services that a CSIRT can deliver
    • 5.3 Analysis of the constituency and mission statement
  6. Developing the Business Plan
    • 6.1 Defining the financial model
    • 6.2 Defining the organisational structure
    • 6.3 Hiring the right staff
    • 6.4 Utilisation and equipment of the office
    • 6.5 Developing an information security policy
    • 6.6 Search for cooperation between other csirts and possible national initiatives
  7. Promoting the Business Plan
    • 7.1 Description of business plans and management triggers
  8. Examples of operational and technical procedures (workflows)
    • 8.1 Assess the installation base of the constituency
    • 8.2 Generating alerts, warnings and announcements
    • 8.3 Doing incident handling
    • 8.4 Example of a response timetable
    • 8.5 Available CSIRT tooling
  9. CSIRT training
    • 9.1 Transits
    • 9.2 CERT/CC
  10. Exercise: producing an advisory
  11. Conclusion
  12. Description of the Project Plan
  13. Appendix
    • A.1 Further Reading
    • A.2 CSIRT services
    • A.3 The examples
    • A.4 Sample material from CSIRT courses

IsacaRoma link

ENISA

ENISA Quarterly

» email this story | printer friendly version | 1459 reads