630    Chapter 11 • Operational and Organizational Security: Incident Response

             fire, effectively removing it from the air. Because the oxygen and hydrogen were no
             longer able to work together, the fire would be extinguished.Although it worked,
             it was found to be damaging to the ozone, and was banned from new installations
             of fire suppression systems.This means that once an older system dumps its existing
             load of Halon to put out a fire (or some unfortunate soul accidentally sets off the
             system), the company must now pay to install a completely different fire system
             that doesn’t have adverse effects.
                 There are many different alternatives to Halon, which can be used safely
             without negative impacts on the environment.These include:
                  ■   Inergen (IG-541) A combination of three different gases; nitrogen,
                      argon, and carbon dioxide.When released, it lowers the oxygen content in
                      a room to the point that the fire cannot be sustained.
                  ■   Heptafluoropropane (HFC-227ea) A chemical agent that is also
                      known as FM-200.This agent is released as a gas suppressing the fire, but
                      has been found not to be harmful to persons in the room.

                  ■   Trifluromethane (FE-13) A chemical originally developed by DuPont
                      as a refrigerant, but commonly used in new fire suppression systems. FE-
                      13 molecules absorb heat, making it impossible for the air in the room to
                      support combustion. It is considered to be one of the safest clean agents.
                  ■   Carbon Dioxide Systems  A popular method of fire suppression, as
                      carbon dioxide reduces the oxygen content to the point where the atmo-
                      sphere can no longer support combustion.

                 When deciding on a fire suppression system, it is important to examine
             whether it will damage equipment or is toxic to people when the fire suppression
             system is deployed.


             Forensics

             When certain incidents occur, not only does the immediate problem need to be
             fixed, but the person causing the problem has to be investigated. Companies may
             find their Web sites or networks hacked by outside parties, receive threats via e-
             mail, or fall victim to any number of cyber-crimes. In other cases, an administrator
             may discover that people internal to the organization are committing crimes or
             violating policies. Once systems are secure from further intrusion, the next step is
             to acquire information useful in finding and prosecuting the person responsible.





          www.syngress.com