This document discusses incident response procedures before and after a hacking incident. It defines key terms like incident, incident response, and outlines the main steps of incident response including preparation, detection and analysis, containment, eradication, recovery and post-incident activities. Specific topics covered include what to look for to detect incidents, centralizing logs, forensic investigation, and lessons learned.