Running head: INCIDENT RESPONSE PLAN
Incident Response Plan
To have an active computer security incident response capability (CSIRC), the organization
must decide which services the incident response team is expected to provide. It must also
consider which models and team structures are needed to provide these services, and select
and implement one or more incident response teams. According to Cichonski et al. (2012),
establishing such a team also requires creating an incident response policy, plan, and
procedures. This ensures that the incident response team performs effectively, efficiently,
and consistently, and that the team is empowered to do what is expected of it. The plans and
procedures developed should reflect the team's interactions among its members and with
parties outside the organization, for instance law enforcement, the media, and other
incident response organizations (Rhodes-Ousley, 2013). This paper, therefore, is an in-depth
assessment of an incident response plan.
According to Cichonski et al. (2012), an incident response plan (IRP) is a set of
instructions that helps information technology (IT) staff detect, respond to, or recover
from network security incidents. Such a plan addresses issues like loss of data, cybercrime,
or service outages that may threaten the daily operations of an organization. The National
Institute of Standards and Technology (NIST) established standards and procedures, including
minimum requirements, for providing adequate information security for all agency assets and
operations, although these procedures do not apply to national security systems. In this
scenario, an event is any observable occurrence in a network or a system. Events include a
user accessing file shares, a request to a server for a web page, users sending emails, and
a firewall blocking a connection attempt (Cichonski et al., 2013). Adverse events are events
with an undesirable consequence, for instance system crashes, execution of malware that may
destroy data, use of a system without authority, and access to sensitive information, as in
the scenario at hand, where an unknown person accesses payroll records without
authorization.
There was a need for a response team to act and identify the possible threat that could
have been caused by the unauthorized person identified by the payroll administrator leaving
the office. This is to ensure that a breach has not compromised either the personal or
business data available in the system. Having an incident response capability in the
organization would have provided an automatic incident res...