Malware Identification Decision Tree
3. Incident Response Phases
3.1. Preparation
3.2. Detection and Analysis
3.3. Containment
3.4. Eradication
3.5. Recovery
3.6. Post-Incident Activity
1. Suspect Worm
2. Suspect Advanced Persistent Threat
4. Suspect Virus
5. Suspect Trojan
6. Symantec Specific Analysis Steps
7. Information References
Information in this section was obtained from NIST.gov.