||Recover from Unauthorized Use: Network Operators and Service Providers should remove invalid records whenever it is determined that a network element has been modified without proper authorization, or rollback to the last valid version of record. The attack should be investigated to identify potential security changes.
||Cable; Internet/Data; Satellite; Wireless; Wireline
||Service Provider; Network Operator
||Cyber Security;Disaster Recovery;Emergency Preparedness;Intrusion Detection;
||IETF RFC2350, CMU/SEI-98-HB-001. Note: This Best practice could impact 9-1-1 operations.