Analysis Step
|
Amal
|
Ta'rifi
|
1. Analytical Applications
|
Start numerical analysis applications.
|
Initiate digital network or system analysis applications. Collect information from user input, system logs, monitoring systems, and other security sources.
|
2. Incident Detection
|
Identify security incidents.
|
Identify security incidents that occurred in the system during the analysis period. Identify events such as logouts, system outages, and network traffic changes.
|
3. Incident Analysis
|
Analyze events in detail.
|
Detailed analysis of identified events. Analysis of attacks and defenses against them. Analyzing the details of the events helps to explain the attacks.
|
4. Regulation
|
Define actions against security incidents.
|
Define actions against incidents. Define steps such as security recovery, data recovery, system isolation, increased monitoring.
|
5. Data Distribution and Art
|
Collect and share data.
|
Collect, analyze, and share digital security analytics data using custom structured and structured methods.
|
6. Description of Events
|
Describe the events.
|
Describe previous attacks, learned attacks, and loss supplements. These descriptions will help you prepare well to avoid such attacks in the future.
|
7. Eliminate and Zoom
|
Follow up on identified events.
|
Take action against detected security incidents. It includes troubleshooting, recovering compromised systems and data, and implementing countermeasures against attacks.
|
8. Single Supply Restoration
|
Depending on the results of the security analysis, restore the supply.
|
Take organizational steps to restore security according to analysis results.
|
