It is important for an organization to be prepared to respond to a cyber-attack. An incident response plan provides this preparation.
Having implemented a Windows security model for the Big Apple Software Company, you will also need to address the organization’s incident handling and the processes that are in place in the event its network comes under attack. Based on the knowledge you’ve obtained, formulate an Incident Response Plan for the Software Giant. Your incident investigation will also need to cover:
- What happened?
- Who did it?
- When did it happen?
- Where did the incident originate and where was its target?
- How did it happen?
Finally, after you’ve formulated an incident response plan, provide a short, detailed summary that includes the following:
- Describe in detail what you have learned about incident handling and management.
- Do you feel your Incident Response Plan is comparable to incident handling and management for other operating systems?
An Incident Response Plan for a small to mid-sized organization. The plan will be 8-10 pages in length, containing at least 5 authoritative references, and will address, at a minimum:
- Create an Incident Reporting Form to identify and document the incident. Include in the form: general information, type of incident, and details of the event. You can use your textbook or the internet to copy a sample reporting form.
- The form should provide classification, scope and severity of the incident.
- Describe in detail how the incident was identified and how it was discovered
- Choose a containment strategy
- Describe what strategy was used to remove or resolve the incident
- Keep the incident damage scope from expanding; explain how you plan to do this.
- Provide the best course of action to eradicate each type of incident
- Only provide a recovery strategy if this step requires restore activity