Containment refers to the limiting and preventing of further damage to a computer system or network. Containment is a part of incident response, right before the eradication of the threat. Examples of containing a cyber security incident include: Blocking and logging of unauthorized access, blocking malware sources, closing specific ports and servers, changing administrator passwords, relocating website home pages, and isolating systems or networks.
Related Terms: Eradication, Recovery, Revision
Source: Bluegrass Cyber Security
