Incident Response Planning
Incident response planning includes identification of, classification of, and response to an incident.
· Attacks classified as incidents if they:
· Are directed against information assets
· Have a realistic chance of success
· Could threaten confidentiality, integrity, or availability of information resources
· Incident response (IR) is more reactive than proactive, with the exception of planning that must occur to prepare IR teams to be ready to react to an incident.
Incident Response Planning (cont’d)
· Incident response policy identifies the following key components:
· Statement of management commitment
· Purpose/objectives of policy
· Scope of policy
· Definition of InfoSec incidents and related terms
· Organizational structure
· Prioritization or severity ratings of incidents
· Performance measures
· Reporting and contact forms
Incident Response Planning (cont’d)
· Incident Planning
· Predefined responses enable the organization to react quickly and effectively to the detected incident if:
· The organization has an IR team
· The organization can detect the incident
· IR team consists of individuals needed to handle systems as incident takes place.
· Incident response plan
· Format and content
· Storage
· Testing
Incident Response Planning (cont’d)
· Incident detection
· Most common occurrence is complaint about technology support, often delivered to help desk.
· Careful training is needed to quickly identify and classify an incident.
· Once incident is properly identified, the organization can respond.
· Incident indicators vary.
Incident Response Planning (cont’d)
· Incident reaction
· Consists of actions that guide the organization to stop incident, mitigate its impact, and provide information for recovery
· Actions that must occur quickly:
· Notification of key personnel
· Documentation of the incident
· Incident containment strategies
· Containment of incident’s scope or impact as first priority; must then determine which information systems are affected
· Organization can stop incident and attempt to recover control through a number or strategies.
Incident Response Planning (cont’d)
· Incident recovery
· Once incident has been contained and control of systems regained, the next stage is recovery.
· The first task is to identify human resources needed and launch them into action.
· Full extent of the damage must be assessed.
· Organization repairs vulnerabilities, addresses any shortcomings in safeguards, and restores data and services of the systems.
Incident Response Planning (cont’d)
· Damage assessment
· Several sources of information on damage can be used, including system logs, intrusion detection logs, configuration logs and documents, documentation from incident response, and results of detailed assessment of systems and data storage.
· Computer evidence must be carefully collected, documented, and maintained to be usable in formal or informal proceedings.
· Individuals who assess damage need.
Rapple "Scholarly Communications and the Sustainable Development Goals"
Incident Response PlanningIncident response planning includes .docx
1. Incident Response Planning
Incident response planning includes identification of,
classification of, and response to an incident.
· Attacks classified as incidents if they:
· Are directed against information assets
· Have a realistic chance of success
· Could threaten confidentiality, integrity, or availability of
information resources
· Incident response (IR) is more reactive than proactive, with
the exception of planning that must occur to prepare IR teams to
be ready to react to an incident.
Incident Response Planning (cont’d)
· Incident response policy identifies the following key
components:
· Statement of management commitment
· Purpose/objectives of policy
· Scope of policy
· Definition of InfoSec incidents and related terms
· Organizational structure
· Prioritization or severity ratings of incidents
· Performance measures
· Reporting and contact forms
Incident Response Planning (cont’d)
· Incident Planning
· Predefined responses enable the organization to react quickly
and effectively to the detected incident if:
· The organization has an IR team
· The organization can detect the incident
· IR team consists of individuals needed to handle systems as
incident takes place.
· Incident response plan
· Format and content
2. · Storage
· Testing
Incident Response Planning (cont’d)
· Incident detection
· Most common occurrence is complaint about technology
support, often delivered to help desk.
· Careful training is needed to quickly identify and classify an
incident.
· Once incident is properly identified, the organization can
respond.
· Incident indicators vary.
Incident Response Planning (cont’d)
· Incident reaction
· Consists of actions that guide the organization to stop
incident, mitigate its impact, and provide information for
recovery
· Actions that must occur quickly:
· Notification of key personnel
· Documentation of the incident
· Incident containment strategies
· Containment of incident’s scope or impact as first priority;
must then determine which information systems are affected
· Organization can stop incident and attempt to recover control
through a number or strategies.
Incident Response Planning (cont’d)
· Incident recovery
· Once incident has been contained and control of systems
regained, the next stage is recovery.
· The first task is to identify human resources needed and
launch them into action.
· Full extent of the damage must be assessed.
· Organization repairs vulnerabilities, addresses any
shortcomings in safeguards, and restores data and services of
the systems.
Incident Response Planning (cont’d)
· Damage assessment
3. · Several sources of information on damage can be used,
including system logs, intrusion detection logs, configuration
logs and documents, documentation from incident response, and
results of detailed assessment of systems and data storage.
· Computer evidence must be carefully collected, documented,
and maintained to be usable in formal or informal proceedings.
· Individuals who assess damage need special training.
Incident Response Planning (cont’d)
· Automated response
· New systems can respond to incident threat autonomously.
· Downsides of current automated response systems may
outweigh benefits.
· Legal liabilities of a counterattack
· Ethical issues
Disaster Recovery Planning
· Disaster recovery planning (DRP) is preparation for and
recovery from a disaster.
· The contingency planning team must decide which actions
constitute disasters and which constitute incidents.
· When situations are classified as disasters, plans change as to
how to respond; take action to secure most valuable assets to
preserve value for the longer term.
· DRP strives to reestablish operations at the primary site.
Page 1 of 1
Page
1
of
1
Incident Response Planning
4. Incident response planning includes identification of, cl
assification of, and response to an
incident.
•
Attacks classified as incidents if they:
–
Are directed against information assets
–
Have a realistic chance of success
–
Could threaten confidentiality, integrity, or availability of
information resources
•
Incident response (IR) is more reactive than proactive, with the
exception of planning that
must occur to prepare IR teams to be ready to react to an
incident.
Incident Response Planning (cont’d)
•
Incident response policy identifies the follo
5. wing key components:
–
Statement of management commitment
–
Purpose/objectives of policy
–
Scope of policy
–
Definition of InfoSec incidents and related terms
–
Organizational structure
–
Prioritization or severity ratings of incidents
–
Performance measures
–
Reporting and contact forms
Incident Response Planning (cont’d)
6. •
Incident Planning
–
Predefined responses enable the organization to react quickly
and effectively to
the detected incident if:
•
The organization has an IR team
•
The organization can detect the incident
–
IR team consists of individuals needed to handle systems as
incident takes place.
•
Incident response plan
–
Format and content
–
Storage
–
7. T
esting
Incident Response Planning (cont’d)
•
Incident detection
–
Mo
st common occurrence is complaint about technology support,
often delivered
to help desk.
–
Careful training is needed to quickly identify and classify an
incident.
–
Once incident is properly identified, the organization can
respond.
–
Incident indicators vary.
Incident Response Planning (cont’d)
•
Incident reaction
8. –
Consists of actions that guide the organization to stop incident,
mitigate its
impact, and provide informat
ion for recovery
–
Actions that must occur quickly:
•
Notification of key personnel
•
Documentation of the incident
•
Incident containment strategies
Page 1 of 1
Incident Response Planning
Incident response planning includes identification of,
classification of, and response to an
incident.
• Attacks classified as incidents if they:
– Are directed against information assets
– Have a realistic chance of success
– Could threaten confidentiality, integrity, or availability of
information resources
• Incident response (IR) is more reactive than proactive, with
9. the exception of planning that
must occur to prepare IR teams to be ready to react to an
incident.
Incident Response Planning (cont’d)
• Incident response policy identifies the following key
components:
– Statement of management commitment
– Purpose/objectives of policy
– Scope of policy
– Definition of InfoSec incidents and related terms
– Organizational structure
– Prioritization or severity ratings of incidents
– Performance measures
– Reporting and contact forms
Incident Response Planning (cont’d)
• Incident Planning
– Predefined responses enable the organization to react quickly
and effectively to
the detected incident if:
• The organization has an IR team
• The organization can detect the incident
– IR team consists of individuals needed to handle systems as
incident takes place.
• Incident response plan
– Format and content
– Storage
– Testing
Incident Response Planning (cont’d)
• Incident detection
– Most common occurrence is complaint about technology
support, often delivered
to help desk.
– Careful training is needed to quickly identify and classify an
incident.
– Once incident is properly identified, the organization can
10. respond.
– Incident indicators vary.
Incident Response Planning (cont’d)
• Incident reaction
– Consists of actions that guide the organization to stop
incident, mitigate its
impact, and provide information for recovery
– Actions that must occur quickly:
• Notification of key personnel
• Documentation of the incident
• Incident containment strategies
Introduction
Every child needs support, stimulation and encouragement in a
positive environment. This week you will begin to analyze the
role of the caregiver in applying the principles of development
to supporting the growth and development of children. You will
identify and describe activities to enhance language
development and optimal brain development. You will start to
reflect on your own practice and how you will use theories of
development in your own practice.
Required Resources
Required Text
1. Children’s Journeys: Exploring Early Childhood:
a. Chapter 5: Physical and Cognitive Development in Infancy:
First Excursions
Recommended Resources
Articles
11. 1. Roth, T. L., & David Sweatt, J. J. (2011). Annual Research
Review: Epigenetic Mechanisms and Environmental Shaping of
the Brain During Sensitive Periods of Development. Journal Of
Child Psychology & Psychiatry, 52(4), 398-408. Retrieved
from EBSCOhost database.
· This article extends the discussion from Chapter 5 of the
course text regarding brain development in infants and the
shaping of a child’s brain during sensitive periods of
development.
Multimedia
1. Storybird. (n.d). Storybird Quick Tour [Video file].
Retrieved from http://player.vimeo.com/video/6178690
Websites
1. Jing (http://www.techsmith.com/jing.html)
2. Storybird (http://storybird.com/)
Journal.
1. Piaget and You
Consider what age group you hope to work with and reflect on
which aspects of Piaget’s theory will be the most useful to you
in your future career. How will this information be useful in
your everyday work with children? Will it change your
expectations for children? For yourself?
Journal Options:
a. Written reflection journal.
b. Jing reflection with visuals, and paste the link into your
discussion post.
c. Peer dialogue reflection (where you discuss the questions
above with a peer or colleague and write a reflection that
compares their peak experience with your own.)
d. Create a short video to relate your answer.
Carefully review the Grading Rubric for the criteria that will be
used to evaluate your journal entries.
12. Assignment
1. Developmental Milestones
The purpose of this assignment is to creatively demonstrate an
understanding of infant developmental milestones as they
pertain to cognition, motor skills, sensation, and perception.
Using information from Chapter 5 of your text, write a short
story about a child’s journey from birth to age 1. This can be a
fictional child, or can be based on a real child. The story
should be three to five pages in addition to the title page and
the reference page. Use at least one reference in addition to
your text. Your paper should also be formatted according to
APA style as outlined in the Ashford Writing Center.
a. Describe the child’s sensory experiences at birth (e.g. sight,
hearing, movement).
b. Analyze how these senses develop and become more
evolved? At the age of 6 months, identify what this same child
can hear, see, and do?
c. Describe what a day in this child’s life might look like by age
1. Include pictures in your Word document or compose your
story using Storybird. Watch the video, Storybird Quick Tour,
for assistance.
If you choose to create your story in Storybird, you may
collaborate with a partner in class by using the collaboration
tool. Make sure to notify your instructor of your collaboration
and make sure both of you submit your Storybird link in a Word
document for grading.
Include the following developmental milestones in your story:
d. Social and Emotional
· Enjoys imitating people in his play.
· Shows specific preferences for certain people and toys.
· Tests parental responses to his actions during feedings.
13. · Tests parental responses to his behavior.
· Prefers mother and/or regular caregiver over all others.
· Repeats sounds or gestures for attention.
· Finger-feeds himself.
· Extends arm or leg to help when being dressed.
e. Cognitive
· Explores objects in many different ways (shaking, banging,
throwing, dropping).
· Finds hidden objects easily.
· Looks at correct picture when the image is named.
· Imitates gestures.
· Begins to use objects correctly (drinking from cup, brushing
hair, dialing phone, listening to receiver).
f. Language
· Pays increasing attention to speech.
· Responds to simple verbal requests.
· Responds to “no.”
· Uses simple gestures, such as shaking head for “no.
· Babbles with inflection (changes in tone).
· Says “dada” and “mama.”
· Uses exclamations, such as “Oh-oh!”
· Tries to imitate words.
g. Motor
· Reaches sitting position without assistance.
· Crawls forward on belly.
· Assumes hands-and-knees position.
· Creeps on hands and knees.
· Gets from sitting to crawling or prone (lying on stomach)
position.
· Pulls self up to stand.
· Walks holding on to furniture.
· Stands momentarily without support.
· May walk two or three steps without support.
14. h. Hand and Finger Skills
· Uses pincer grasp.
· Bangs two objects together.
· Puts objects into container.
· Takes objects out of container.
· Lets objects go voluntarily.
· Pokes with index finger.
· Tries to imitate scribbling.
Carefully review the Grading Rubric for the criteria that will be
used to evaluate your assignment.