Problem
Consider the development of an incident response policy for the Web design company mentioned in Problems Specifically consider the response to the detection of hacking and defacement of the company's Web server. What default decision do you recommend its incident response policy dictate regarding disconnecting this system from the Internet to limit damaging publicity? Take into account the role of this server in promoting the company's operations. What default decision do you recommend regarding reporting this incident to the appropriate CERT? Or to the relevant law enforcement authorities?