Regular, complete system backups can be a useful reference during incident response. Backups, like checksums, allow you to figure out what was modified, because they provide a known-good copy of the file system. Backups can also help you to discover what was deleted and what was added, which checksums alone cannot reveal. Additionally, some backups save time/date information, which may be useful for checking the times files and directories were last accessed, modified, or created.
Note
The backups that we discuss here are different from the physical duplications used to preserve evidence, discussed in Chapter 7. System backups are created in the course of normal system administration and are used primarily for data recovery. The utility incident investigators gain from these backups is a side benefit.
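The comparison described above, as an added example that is not from the book: it diffs a restored backup against the suspect file system and reports what was added, deleted, or modified, along with both modification times. It assumes the backup was restored to a directory with timestamps preserved; the function names and command-line arguments are hypothetical.

```python
import hashlib
import os
import sys
import time

def snapshot(root):
    """Map each regular file under root to (SHA-256 hex digest, mtime)."""
    files = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # skip symlinks, sockets and device nodes
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            rel = os.path.relpath(full, root)
            files[rel] = (digest.hexdigest(), os.stat(full).st_mtime)
    return files

def compare(backup_root, live_root):
    """Classify files as added, deleted or modified relative to the backup."""
    backup, live = snapshot(backup_root), snapshot(live_root)
    modified = [
        (rel, backup[rel][1], live[rel][1])
        for rel in sorted(backup.keys() & live.keys())
        if backup[rel][0] != live[rel][0]  # same path, different content
    ]
    return {
        "added": sorted(live.keys() - backup.keys()),
        "deleted": sorted(backup.keys() - live.keys()),
        "modified": modified,
    }

def render(report):
    """Return the report as text lines, with mtimes in UTC for a timeline."""
    stamp = lambda t: time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(t))
    lines = [f"ADDED    {p}" for p in report["added"]]
    lines += [f"DELETED  {p}" for p in report["deleted"]]
    lines += [f"MODIFIED {p} (backup mtime {stamp(b)}, live mtime {stamp(l)})"
              for p, b, l in report["modified"]]
    return lines

if __name__ == "__main__":
    # Both paths are supplied by the caller: restored backup, then suspect tree.
    if len(sys.argv) != 3:
        sys.exit("usage: compare_backup.py BACKUP_DIR LIVE_DIR")
    print("\n".join(render(compare(sys.argv[1], sys.argv[2]))))
```

Reading files can update their access times, so point the second argument at a read-only mount or a working copy of the suspect file system rather than the original.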