Summary of Chapter 11 Response:
Incident trigger, expert gathering, incident analysis, and response
activities are the common components of a security program.
Incident response is a process to address and manage any
security threat or cyberattack. There are two fundamental types
of triggers that initiate a response. The first type involves
tangible, visible effects of a malicious attack or incident. The
second type of trigger involves early warning and indications
information. Based on how the triggers are addressed, incident
response processes can be categorized as front-loaded
prevention, which collects indications and warnings that can be
used for the early prevention of security attacks, and back-loaded
recovery, which collects information from different sources that
can provide tangible, visible information about attacks that
might be underway or completed. An optimal incident response
team includes two components: a core set of
individuals and a set of subject matter experts. In the case of
multiple incidents with complex settings, the management of
simultaneous response cases is highly important and requires
assurance that there are no conflicts between any
two cases. The incident response team must plan for multiple
concurrent attacks, with planning that includes avoidance
of a single point of contact individual, case management
automation, organizational support for expert involvement, and 24/7
operational support. The incident response process includes forensic
analysis, which should address the root cause of the incident, the
vulnerabilities exploited, the state and consequences of the
incident, and what action was taken. A decision process is
needed to determine whether law enforcement should be
involved in forensics and called upon
for support. A disaster recovery program includes three main
components: preparation, planning, and practice.
National programs can provide centralized coordination
In Chapter 11, we have seen that incident response is an
organization’s reaction to halting and recovering from a
security incident, and that the response plan must be in place before
the incident occurs. The goal of having an incident response
plan is to ensure that your organization is fully prepared for,
and ready to respond to, any level of cyber security incident quickly
and effectively. A cyber security program will contain at least
the following: incident trigger, expert gathering, incident
analysis, and response activities (Amoroso, 2012).
We have also seen pre- versus post-attack response.
There are two fundamental types of triggers: tangible, visible
effects of an attack, and early warning and indications
information. Thus, the two approaches to incident response
processes are front-loaded prevention and back-loaded
recovery. The two approaches should be combined for a
comprehensive response picture. Protecting national assets is
worth suffering a high number of false positives. An optimal
incident response team includes two
components: a core set of individuals and a set of subject
matter experts. Response teams in a national setting must plan
for multiple concurrent attacks aimed at a company or
agency. Another topic is forensic analysis: an internal expert is
most likely the best person to lead a company investigation. A disaster
recovery program consists of preparation, planning,
and practice. Finally, we have seen that national response
programs can provide centralized coordination, and that intrasector
coordination should be encouraged. Currently, coordination is
not the main focus of most national emergency response team
programs.
Summary of Chapter 11 ResponseIncident trigger, expert gatherin.docx

More Related Content

Similar to Summary of Chapter 11 ResponseIncident trigger, expert gatherin.docx

Planning for contingencies
Planning for contingenciesPlanning for contingencies
Planning for contingenciesHassanein Alwan
 
Incident response Process in information security .pptx
Incident response Process in information security .pptxIncident response Process in information security .pptx
Incident response Process in information security .pptxSarwatDilawaiz
 
A Guide for Businesses.pdf
A Guide for Businesses.pdfA Guide for Businesses.pdf
A Guide for Businesses.pdfDaviesParker
 
Managing Vulnerability SEC400 Managing.docx
Managing Vulnerability     SEC400 Managing.docxManaging Vulnerability     SEC400 Managing.docx
Managing Vulnerability SEC400 Managing.docxinfantsuk
 
Automated Incident Handling Using SIM
Automated Incident Handling Using SIMAutomated Incident Handling Using SIM
Automated Incident Handling Using SIMAnton Chuvakin
 
Vskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample MaterialVskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample MaterialVskills
 
CHAPTER 7 Risk Assessment, Security Surveys, and PlanningLEARNIN.docx
CHAPTER 7 Risk Assessment, Security Surveys, and PlanningLEARNIN.docxCHAPTER 7 Risk Assessment, Security Surveys, and PlanningLEARNIN.docx
CHAPTER 7 Risk Assessment, Security Surveys, and PlanningLEARNIN.docxchristinemaritza
 
Chapter 33Incident Response and Forensic AnalysisCopyright ©.docx
Chapter 33Incident Response and Forensic AnalysisCopyright ©.docxChapter 33Incident Response and Forensic AnalysisCopyright ©.docx
Chapter 33Incident Response and Forensic AnalysisCopyright ©.docxchristinemaritza
 
Cybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdfCybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdfCiente
 
1Running head DISASTER RECOVERY PLAN2DISASTER RECOVERY PLAN.docx
1Running head DISASTER RECOVERY PLAN2DISASTER RECOVERY PLAN.docx1Running head DISASTER RECOVERY PLAN2DISASTER RECOVERY PLAN.docx
1Running head DISASTER RECOVERY PLAN2DISASTER RECOVERY PLAN.docxfelicidaddinwoodie
 
Discuss the four steps involved in the maintenance of the indicent res.docx
Discuss the four steps involved in the maintenance of the indicent res.docxDiscuss the four steps involved in the maintenance of the indicent res.docx
Discuss the four steps involved in the maintenance of the indicent res.docxwviola
 
Running Head Personal Reflection1Personal Reflection1.docx
Running Head Personal Reflection1Personal Reflection1.docxRunning Head Personal Reflection1Personal Reflection1.docx
Running Head Personal Reflection1Personal Reflection1.docxjeanettehully
 
Chapter 12Security Operations In this chapter
 Chapter 12Security Operations In this chapter Chapter 12Security Operations In this chapter
Chapter 12Security Operations In this chapterMargaritoWhitt221
 
The Three Dimensions of Security
The Three Dimensions of SecurityThe Three Dimensions of Security
The Three Dimensions of SecurityCSCJournals
 
Coordinating Security Response and Crisis Management Planning
Coordinating Security Response and Crisis Management PlanningCoordinating Security Response and Crisis Management Planning
Coordinating Security Response and Crisis Management PlanningCognizant
 
Incident ResponseAs a security professional, you will.docx
 Incident ResponseAs a security professional, you will.docx Incident ResponseAs a security professional, you will.docx
Incident ResponseAs a security professional, you will.docxMARRY7
 
The Role of Incident Response in Cybersecurity: Protecting Your Organization
The Role of Incident Response in Cybersecurity: Protecting Your OrganizationThe Role of Incident Response in Cybersecurity: Protecting Your Organization
The Role of Incident Response in Cybersecurity: Protecting Your OrganizationLDMGlobal
 
The Role of Incident Response in Cybersecurity: Protecting Your Organization
The Role of Incident Response in Cybersecurity: Protecting Your OrganizationThe Role of Incident Response in Cybersecurity: Protecting Your Organization
The Role of Incident Response in Cybersecurity: Protecting Your OrganizationLDMGlobal
 
Create your own variant of both a hiring and a termination policy rela.docx
Create your own variant of both a hiring and a termination policy rela.docxCreate your own variant of both a hiring and a termination policy rela.docx
Create your own variant of both a hiring and a termination policy rela.docxearleanp
 
Proactive vs. Reactive Approaches to Software Security Strategy
Proactive vs. Reactive Approaches to Software Security StrategyProactive vs. Reactive Approaches to Software Security Strategy
Proactive vs. Reactive Approaches to Software Security StrategyLindsey Landolfi
 

Similar to Summary of Chapter 11 ResponseIncident trigger, expert gatherin.docx (20)

Planning for contingencies
Planning for contingenciesPlanning for contingencies
Planning for contingencies
 
Incident response Process in information security .pptx
Incident response Process in information security .pptxIncident response Process in information security .pptx
Incident response Process in information security .pptx
 
A Guide for Businesses.pdf
A Guide for Businesses.pdfA Guide for Businesses.pdf
A Guide for Businesses.pdf
 
Managing Vulnerability SEC400 Managing.docx
Managing Vulnerability     SEC400 Managing.docxManaging Vulnerability     SEC400 Managing.docx
Managing Vulnerability SEC400 Managing.docx
 
Automated Incident Handling Using SIM
Automated Incident Handling Using SIMAutomated Incident Handling Using SIM
Automated Incident Handling Using SIM
 
Vskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample MaterialVskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample Material
 
CHAPTER 7 Risk Assessment, Security Surveys, and PlanningLEARNIN.docx
CHAPTER 7 Risk Assessment, Security Surveys, and PlanningLEARNIN.docxCHAPTER 7 Risk Assessment, Security Surveys, and PlanningLEARNIN.docx
CHAPTER 7 Risk Assessment, Security Surveys, and PlanningLEARNIN.docx
 
Chapter 33Incident Response and Forensic AnalysisCopyright ©.docx
Chapter 33Incident Response and Forensic AnalysisCopyright ©.docxChapter 33Incident Response and Forensic AnalysisCopyright ©.docx
Chapter 33Incident Response and Forensic AnalysisCopyright ©.docx
 
Cybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdfCybersecurity Incident Response Planning.pdf
Cybersecurity Incident Response Planning.pdf
 
1Running head DISASTER RECOVERY PLAN2DISASTER RECOVERY PLAN.docx
1Running head DISASTER RECOVERY PLAN2DISASTER RECOVERY PLAN.docx1Running head DISASTER RECOVERY PLAN2DISASTER RECOVERY PLAN.docx
1Running head DISASTER RECOVERY PLAN2DISASTER RECOVERY PLAN.docx
 
Discuss the four steps involved in the maintenance of the indicent res.docx
Discuss the four steps involved in the maintenance of the indicent res.docxDiscuss the four steps involved in the maintenance of the indicent res.docx
Discuss the four steps involved in the maintenance of the indicent res.docx
 
Running Head Personal Reflection1Personal Reflection1.docx
Running Head Personal Reflection1Personal Reflection1.docxRunning Head Personal Reflection1Personal Reflection1.docx
Running Head Personal Reflection1Personal Reflection1.docx
 
Chapter 12Security Operations In this chapter
 Chapter 12Security Operations In this chapter Chapter 12Security Operations In this chapter
Chapter 12Security Operations In this chapter
 
The Three Dimensions of Security
The Three Dimensions of SecurityThe Three Dimensions of Security
The Three Dimensions of Security
 
Coordinating Security Response and Crisis Management Planning
Coordinating Security Response and Crisis Management PlanningCoordinating Security Response and Crisis Management Planning
Coordinating Security Response and Crisis Management Planning
 
Incident ResponseAs a security professional, you will.docx
 Incident ResponseAs a security professional, you will.docx Incident ResponseAs a security professional, you will.docx
Incident ResponseAs a security professional, you will.docx
 
The Role of Incident Response in Cybersecurity: Protecting Your Organization
The Role of Incident Response in Cybersecurity: Protecting Your OrganizationThe Role of Incident Response in Cybersecurity: Protecting Your Organization
The Role of Incident Response in Cybersecurity: Protecting Your Organization
 
The Role of Incident Response in Cybersecurity: Protecting Your Organization
The Role of Incident Response in Cybersecurity: Protecting Your OrganizationThe Role of Incident Response in Cybersecurity: Protecting Your Organization
The Role of Incident Response in Cybersecurity: Protecting Your Organization
 
Create your own variant of both a hiring and a termination policy rela.docx
Create your own variant of both a hiring and a termination policy rela.docxCreate your own variant of both a hiring and a termination policy rela.docx
Create your own variant of both a hiring and a termination policy rela.docx
 
Proactive vs. Reactive Approaches to Software Security Strategy
Proactive vs. Reactive Approaches to Software Security StrategyProactive vs. Reactive Approaches to Software Security Strategy
Proactive vs. Reactive Approaches to Software Security Strategy
 

More from deanmtaylor1545

Assignment 1  Dealing with Diversity in America from Reconstructi.docx
Assignment 1  Dealing with Diversity in America from Reconstructi.docxAssignment 1  Dealing with Diversity in America from Reconstructi.docx
Assignment 1  Dealing with Diversity in America from Reconstructi.docxdeanmtaylor1545
 
Assignment 1 Why are the originalraw data not readily us.docx
Assignment 1 Why are the originalraw data not readily us.docxAssignment 1 Why are the originalraw data not readily us.docx
Assignment 1 Why are the originalraw data not readily us.docxdeanmtaylor1545
 
Assignment 1 Refer to the attached document and complete the .docx
Assignment 1 Refer to the attached document and complete the .docxAssignment 1 Refer to the attached document and complete the .docx
Assignment 1 Refer to the attached document and complete the .docxdeanmtaylor1545
 
Assignment 1 Remote Access Method EvaluationLearning Ob.docx
Assignment 1 Remote Access Method EvaluationLearning Ob.docxAssignment 1 Remote Access Method EvaluationLearning Ob.docx
Assignment 1 Remote Access Method EvaluationLearning Ob.docxdeanmtaylor1545
 
Assignment 1 Please read ALL directions below before startin.docx
Assignment 1 Please read ALL directions below before startin.docxAssignment 1 Please read ALL directions below before startin.docx
Assignment 1 Please read ALL directions below before startin.docxdeanmtaylor1545
 
Assignment 1 Inmates Rights and Special CircumstancesCriteria.docx
Assignment 1 Inmates Rights and Special CircumstancesCriteria.docxAssignment 1 Inmates Rights and Special CircumstancesCriteria.docx
Assignment 1 Inmates Rights and Special CircumstancesCriteria.docxdeanmtaylor1545
 
Assignment 1 Go back through the business press (Fortune, The Ec.docx
Assignment 1 Go back through the business press (Fortune, The Ec.docxAssignment 1 Go back through the business press (Fortune, The Ec.docx
Assignment 1 Go back through the business press (Fortune, The Ec.docxdeanmtaylor1545
 
Assignment 1 Discussion—Environmental FactorsIn this assignment, .docx
Assignment 1 Discussion—Environmental FactorsIn this assignment, .docxAssignment 1 Discussion—Environmental FactorsIn this assignment, .docx
Assignment 1 Discussion—Environmental FactorsIn this assignment, .docxdeanmtaylor1545
 
Assignment 1 1. Using a Microsoft Word document, please post one.docx
Assignment 1 1. Using a Microsoft Word document, please post one.docxAssignment 1 1. Using a Microsoft Word document, please post one.docx
Assignment 1 1. Using a Microsoft Word document, please post one.docxdeanmtaylor1545
 
Assignment 1  Dealing with Diversity in America from Reconstructi.docx
Assignment 1  Dealing with Diversity in America from Reconstructi.docxAssignment 1  Dealing with Diversity in America from Reconstructi.docx
Assignment 1  Dealing with Diversity in America from Reconstructi.docxdeanmtaylor1545
 
Assignment 1  Due Monday 92319 By using linear and nonlinear .docx
Assignment 1  Due Monday 92319 By using linear and nonlinear .docxAssignment 1  Due Monday 92319 By using linear and nonlinear .docx
Assignment 1  Due Monday 92319 By using linear and nonlinear .docxdeanmtaylor1545
 
Assignment 1This assignment is due in Module 8. There are many v.docx
Assignment 1This assignment is due in Module 8. There are many v.docxAssignment 1This assignment is due in Module 8. There are many v.docx
Assignment 1This assignment is due in Module 8. There are many v.docxdeanmtaylor1545
 
Assignment 1TextbookInformation Systems for Business and Beyond.docx
Assignment 1TextbookInformation Systems for Business and Beyond.docxAssignment 1TextbookInformation Systems for Business and Beyond.docx
Assignment 1TextbookInformation Systems for Business and Beyond.docxdeanmtaylor1545
 
ASSIGNMENT 1TASK FORCE COMMITTEE REPORTISSUE AND SOLUTI.docx
ASSIGNMENT 1TASK FORCE COMMITTEE REPORTISSUE AND SOLUTI.docxASSIGNMENT 1TASK FORCE COMMITTEE REPORTISSUE AND SOLUTI.docx
ASSIGNMENT 1TASK FORCE COMMITTEE REPORTISSUE AND SOLUTI.docxdeanmtaylor1545
 
Assignment 1Select one of these three philosophers (Rousseau, Lo.docx
Assignment 1Select one of these three philosophers (Rousseau, Lo.docxAssignment 1Select one of these three philosophers (Rousseau, Lo.docx
Assignment 1Select one of these three philosophers (Rousseau, Lo.docxdeanmtaylor1545
 
Assignment 1Scenario 1You are developing a Windows auditing pl.docx
Assignment 1Scenario 1You are developing a Windows auditing pl.docxAssignment 1Scenario 1You are developing a Windows auditing pl.docx
Assignment 1Scenario 1You are developing a Windows auditing pl.docxdeanmtaylor1545
 
Assignment 1Research by finding an article or case study discus.docx
Assignment 1Research by finding an article or case study discus.docxAssignment 1Research by finding an article or case study discus.docx
Assignment 1Research by finding an article or case study discus.docxdeanmtaylor1545
 
Assignment 1Positioning Statement and MottoUse the pro.docx
Assignment 1Positioning Statement and MottoUse the pro.docxAssignment 1Positioning Statement and MottoUse the pro.docx
Assignment 1Positioning Statement and MottoUse the pro.docxdeanmtaylor1545
 
ASSIGNMENT 1Hearing Versus ListeningDescribe how you le.docx
ASSIGNMENT 1Hearing Versus ListeningDescribe how you le.docxASSIGNMENT 1Hearing Versus ListeningDescribe how you le.docx
ASSIGNMENT 1Hearing Versus ListeningDescribe how you le.docxdeanmtaylor1545
 
assignment 1Essay Nuclear ProliferationThe proliferation of.docx
assignment 1Essay Nuclear ProliferationThe proliferation of.docxassignment 1Essay Nuclear ProliferationThe proliferation of.docx
assignment 1Essay Nuclear ProliferationThe proliferation of.docxdeanmtaylor1545
 

More from deanmtaylor1545 (20)

Assignment 1  Dealing with Diversity in America from Reconstructi.docx
Assignment 1  Dealing with Diversity in America from Reconstructi.docxAssignment 1  Dealing with Diversity in America from Reconstructi.docx
Assignment 1  Dealing with Diversity in America from Reconstructi.docx
 
Assignment 1 Why are the originalraw data not readily us.docx
Assignment 1 Why are the originalraw data not readily us.docxAssignment 1 Why are the originalraw data not readily us.docx
Assignment 1 Why are the originalraw data not readily us.docx
 
Assignment 1 Refer to the attached document and complete the .docx
Assignment 1 Refer to the attached document and complete the .docxAssignment 1 Refer to the attached document and complete the .docx
Assignment 1 Refer to the attached document and complete the .docx
 
Assignment 1 Remote Access Method EvaluationLearning Ob.docx
Assignment 1 Remote Access Method EvaluationLearning Ob.docxAssignment 1 Remote Access Method EvaluationLearning Ob.docx
Assignment 1 Remote Access Method EvaluationLearning Ob.docx
 
Assignment 1 Please read ALL directions below before startin.docx
Assignment 1 Please read ALL directions below before startin.docxAssignment 1 Please read ALL directions below before startin.docx
Assignment 1 Please read ALL directions below before startin.docx
 
Assignment 1 Inmates Rights and Special CircumstancesCriteria.docx
Assignment 1 Inmates Rights and Special CircumstancesCriteria.docxAssignment 1 Inmates Rights and Special CircumstancesCriteria.docx
Assignment 1 Inmates Rights and Special CircumstancesCriteria.docx
 
Assignment 1 Go back through the business press (Fortune, The Ec.docx
Assignment 1 Go back through the business press (Fortune, The Ec.docxAssignment 1 Go back through the business press (Fortune, The Ec.docx
Assignment 1 Go back through the business press (Fortune, The Ec.docx
 
Assignment 1 Discussion—Environmental FactorsIn this assignment, .docx
Assignment 1 Discussion—Environmental FactorsIn this assignment, .docxAssignment 1 Discussion—Environmental FactorsIn this assignment, .docx
Assignment 1 Discussion—Environmental FactorsIn this assignment, .docx
 
Assignment 1 1. Using a Microsoft Word document, please post one.docx
Assignment 1 1. Using a Microsoft Word document, please post one.docxAssignment 1 1. Using a Microsoft Word document, please post one.docx
Assignment 1 1. Using a Microsoft Word document, please post one.docx
 
Assignment 1  Dealing with Diversity in America from Reconstructi.docx
Assignment 1  Dealing with Diversity in America from Reconstructi.docxAssignment 1  Dealing with Diversity in America from Reconstructi.docx
Assignment 1  Dealing with Diversity in America from Reconstructi.docx
 
Assignment 1  Due Monday 92319 By using linear and nonlinear .docx
Assignment 1  Due Monday 92319 By using linear and nonlinear .docxAssignment 1  Due Monday 92319 By using linear and nonlinear .docx
Assignment 1  Due Monday 92319 By using linear and nonlinear .docx
 
Assignment 1This assignment is due in Module 8. There are many v.docx
Assignment 1This assignment is due in Module 8. There are many v.docxAssignment 1This assignment is due in Module 8. There are many v.docx
Assignment 1This assignment is due in Module 8. There are many v.docx
 
Assignment 1TextbookInformation Systems for Business and Beyond.docx
Assignment 1TextbookInformation Systems for Business and Beyond.docxAssignment 1TextbookInformation Systems for Business and Beyond.docx
Assignment 1TextbookInformation Systems for Business and Beyond.docx
 
ASSIGNMENT 1TASK FORCE COMMITTEE REPORTISSUE AND SOLUTI.docx
ASSIGNMENT 1TASK FORCE COMMITTEE REPORTISSUE AND SOLUTI.docxASSIGNMENT 1TASK FORCE COMMITTEE REPORTISSUE AND SOLUTI.docx
ASSIGNMENT 1TASK FORCE COMMITTEE REPORTISSUE AND SOLUTI.docx
 
Assignment 1Select one of these three philosophers (Rousseau, Lo.docx
Assignment 1Select one of these three philosophers (Rousseau, Lo.docxAssignment 1Select one of these three philosophers (Rousseau, Lo.docx
Assignment 1Select one of these three philosophers (Rousseau, Lo.docx
 
Assignment 1Scenario 1You are developing a Windows auditing pl.docx
Assignment 1Scenario 1You are developing a Windows auditing pl.docxAssignment 1Scenario 1You are developing a Windows auditing pl.docx
Assignment 1Scenario 1You are developing a Windows auditing pl.docx
 
Assignment 1Research by finding an article or case study discus.docx
Assignment 1Research by finding an article or case study discus.docxAssignment 1Research by finding an article or case study discus.docx
Assignment 1Research by finding an article or case study discus.docx
 
Assignment 1Positioning Statement and MottoUse the pro.docx
Assignment 1Positioning Statement and MottoUse the pro.docxAssignment 1Positioning Statement and MottoUse the pro.docx
Assignment 1Positioning Statement and MottoUse the pro.docx
 
ASSIGNMENT 1Hearing Versus ListeningDescribe how you le.docx
ASSIGNMENT 1Hearing Versus ListeningDescribe how you le.docxASSIGNMENT 1Hearing Versus ListeningDescribe how you le.docx
ASSIGNMENT 1Hearing Versus ListeningDescribe how you le.docx
 
assignment 1Essay Nuclear ProliferationThe proliferation of.docx
assignment 1Essay Nuclear ProliferationThe proliferation of.docxassignment 1Essay Nuclear ProliferationThe proliferation of.docx
assignment 1Essay Nuclear ProliferationThe proliferation of.docx
 

Recently uploaded

PANDITA RAMABAI- Indian political thought GENDER.pptx
PANDITA RAMABAI- Indian political thought GENDER.pptxPANDITA RAMABAI- Indian political thought GENDER.pptx
PANDITA RAMABAI- Indian political thought GENDER.pptxakanksha16arora
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxJisc
 
SPLICE Working Group: Reusable Code Examples
SPLICE Working Group:Reusable Code ExamplesSPLICE Working Group:Reusable Code Examples
SPLICE Working Group: Reusable Code ExamplesPeter Brusilovsky
 
Ernest Hemingway's For Whom the Bell Tolls
Ernest Hemingway's For Whom the Bell TollsErnest Hemingway's For Whom the Bell Tolls
Ernest Hemingway's For Whom the Bell TollsPallavi Parmar
 
Play hard learn harder: The Serious Business of Play
Play hard learn harder:  The Serious Business of PlayPlay hard learn harder:  The Serious Business of Play
Play hard learn harder: The Serious Business of PlayPooky Knightsmith
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxannathomasp01
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...EADTU
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17Celine George
 
21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptxJoelynRubio1
 
Simple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdfSimple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdfstareducators107
 
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdf
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdfUGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdf
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdfNirmal Dwivedi
 
What is 3 Way Matching Process in Odoo 17.pptx
What is 3 Way Matching Process in Odoo 17.pptxWhat is 3 Way Matching Process in Odoo 17.pptx
What is 3 Way Matching Process in Odoo 17.pptxCeline George
 
Michaelis Menten Equation and Estimation Of Vmax and Tmax.pptx
Michaelis Menten Equation and Estimation Of Vmax and Tmax.pptxMichaelis Menten Equation and Estimation Of Vmax and Tmax.pptx
Michaelis Menten Equation and Estimation Of Vmax and Tmax.pptxRugvedSathawane
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jisc
 
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSAnaAcapella
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...Amil baba
 
dusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningdusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningMarc Dusseiller Dusjagr
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Jisc
 
Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111GangaMaiya1
 

Recently uploaded (20)

PANDITA RAMABAI- Indian political thought GENDER.pptx
PANDITA RAMABAI- Indian political thought GENDER.pptxPANDITA RAMABAI- Indian political thought GENDER.pptx
PANDITA RAMABAI- Indian political thought GENDER.pptx
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
SPLICE Working Group: Reusable Code Examples
SPLICE Working Group:Reusable Code ExamplesSPLICE Working Group:Reusable Code Examples
SPLICE Working Group: Reusable Code Examples
 
Ernest Hemingway's For Whom the Bell Tolls
Ernest Hemingway's For Whom the Bell TollsErnest Hemingway's For Whom the Bell Tolls
Ernest Hemingway's For Whom the Bell Tolls
 
Play hard learn harder: The Serious Business of Play
Play hard learn harder:  The Serious Business of PlayPlay hard learn harder:  The Serious Business of Play
Play hard learn harder: The Serious Business of Play
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...

Summary of Chapter 11 ResponseIncident trigger, expert gatherin.docx

  • 2. In Chapter 11, we have seen that incident response is an organization's reaction to halting and recovering from a security incident, and that the response plan must be in place before the incident occurs. The goal of having an incident response plan is to ensure that your organization is fully prepared for, and ready to respond quickly and effectively to, any level of cyber security incident. A cyber security program will contain at least the following: incident trigger, expert gathering, incident analysis, and response activities (Amoroso, 2012). We have also seen pre- versus post-attack response. There are two fundamental types of triggers: tangible, visible effects of an attack, and early warning and indications information. Thus, the two approaches to incident response processes are front-loaded prevention and back-loaded recovery. The two approaches should be combined for a comprehensive response picture. Protecting national assets is worth suffering a high number of false positives. An optimal incident response team includes two components: a core set of individuals and a set of subject matter experts. Response teams in a national setting must plan for multiple concurrent attacks aimed at a company or agency. Another topic is forensic analysis: an internal expert is most likely the best person to lead a company investigation. A disaster recovery program consists of preparing, planning, and practice. Finally, we have seen that national response programs can provide centralized coordination and that intrasector coordination should be encouraged. Currently, coordination is not the main focus of most national emergency response team programs.