Product SiteDocumentation Site

4.3.3. Entry Investigation

In the event that the incident involves a compromise of security such as an intrusion, it is important to determine the point of entry. Below are questions that should be answered in the event of such a compromise, prior to any mitigation efforts such as rebuilding or repairing services.
Entry Investigation Sign off
Sign offTaskDescription
Entry InvestigationAnswer the questions below.
Entry Investigation
CompleteQuestionAnswer
How did the attacker gain entry to the services?
What is the likelihood the incident was caused by (1) a malicious associate, or (2) someone without any prior association with The Fedora Project?
Did the attacker use a known or unknown vulnerability in software installed on the system?
Did the attacker use physical access to any of the host(s) covered by this plan to gain additional access?
Did the attack appear to come from other machines operated by The Fedora Project?
Did the attack appear to come from machines operated by any of our hosting providers?