Containment refers to the limiting and preventing of further damage to a computer system or network. Containment is a part of incident response, right before the eradication of the threat. Examples of containing a cyber security incident include: Blocking and logging of unauthorized access, blocking malware sources, closing specific ports and servers, changing administrator passwords, relocating website home pages, and isolating systems or networks.

Related Terms: Eradication, Recovery, Revision

Source: Bluegrass Cyber Security

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.