Problem
Answer the following questions, and provide references to further my understanding of the concepts.
1) What are the concepts and procedures associated with investigating and responding to security incidents and prevention strategies; why are these concepts and procedures essential for an organization?
2) What guidelines can be included in a disaster recovery plan to prepare for future Web attacks?
3) How are testing suites used in testing a disaster recovery plan; what are some examples based on valid evidence?
4) What principles and best practices should be used to handle evidence acquired during the response to an incident?
5) What are intrusion prevention strategies? What are some examples based on valid evidence?
6) How are intrusion Detection Systems used to secure a network? What are the consequences of failing to secure a network?