Reactive Activities
This includes monitoring of central security systems (eg. Intrusion Prevention System (IPS), antivirus system) and logs from central systems of the infastructure (e.g. DC, Exchange, Radius) to find and mitigate security problems in the University's network.
Assistance with forensic analysis, development of mitigations and subsequent processing of security incidents is part of the reactive activities of UniMS-CERT as well.
Furthermore UniMS-CERT coordinates mitigations for security incidents and provides support in crisis situations.