COM520 Written Assignment 7
Assignment: Windows Incident Handling Tools
Assignment Requirements
Responding to incidents in an efficient and repeatable manner depends on having the right tools in place before incidents occur. While there are many types of tools and utilities available for different purposes, some tools support incident handling tasks well. As a security administrator for Ken 7 Windows Limited, you have been given the task of evaluating various software tools for computer security incident response team (CSIRT) use.
You should recommend at least one tool for each of the main CSIRT categories of functional needs. You can select from the list of functional needs given below. For each software tool, you should select the most appropriate functional need(s) it best meets.
Review the text sheet titled Tool Summary (provided below). After you identify the functional needs each tool fulfills, describe which tool, or tools, you would recommend for the Ken 7 Windows Limited CSIRT. Explain the reasons for your choice.
Submission Requirements
-Space
Self-Assessment Checklist
fied the correct function to secure incidents of
Ken 7 Windows Limited.
tools.
Required Resources (provided below)
Windows Access Control and Authentication
Case Scenario for Rationale: Importance of Windows Access Control and Authentication
© 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning
Company. All rights reserved.
www.jblearning.com Page 1
Ken 7 Windows Limited is a manufacturer of Windows for residential and commercial builders. Ken 7 Windows Limited carries a variety of Windows and related products. It supplies builders with all of the tools and supplies to install finished Windows in any type of building.
Ken 7 Windows Limited has just purchased a new enterprise resource planning (ERP) software package to help control costs and increase both quality and customer responsiveness. The ERP software collects and stores information including:
Ken 7 Windows Limited has identified six basic roles for users in the new ERP software:
—maintain ERP data and system operation.
—run planning software and generate requirements reports.
—enter operational data (receiving, shipping, and product progress during manufacturing).
—manage department personnel.
—generate purchasing documents based on planning requirements.
—maintain cost and accounting data.
Access controls limit what users or roles can do with different types of data. For example, consider the following types of data:
—raw materials and labor costs, including the cost of finished goods.
—cost, amount of labor, and time required to produce finished goods.
—rules for determining when raw materials, components, or supplies should be purchased.
Through access control:
Shop Floor
users.
users.
During the analysis phase of the ERP implementation, Ken 7 Windows Limited raised concerns about users being able to access restricted data.
able to login to shop floor computers.
applications and data.
The ERP implementation team suggested the following access control measures to protect restricted data.
onal unit (OU) in Active Directory for shop floor computers.
users to the shop floor OU.
access for all non-HR users to restricted data.
Implementation of several access control measures helped Ken 7 Windows Limited to restrict the data access. Hence, access control and authentication are important, as they helped Ken 7 Windows Limited in reducing costs and increasing profits.
Tools Summary
http://www.emc.com/security/rsa-archer/rsa-archer-incident-management.htm
“Archer Incident Management centralizes and streamlines the complete case management lifecycle for cyber and physical incidents and ethics violations. Archer’s web-based solution allows you to capture organizational events that may escalate into incidents, evaluate incident criticality, and assign response team members based on business impact and regulatory requirements. You can also consolidate response procedures, manage investigations end-to-end, and report on trends, losses, recovery efforts and related incidents. Powered by the Archer SmartSuite Framework, the Incident Management software solution allows you to effectively handle incidents that occur anywhere you do business from detection through analysis and resolution.”
http://www.d3security.com/products/incident-reporting
“The Incident Reporting Software module is at the core of D3’s end-to-end integrated security management technology or virtual Security Operations Center (vSOC). The incident reporting application is easy-to-use and fully customizable. The flexible customization options allow incident forms, tasks and analysis reports to be designed to your organization’s unique requirements. This greatly reduces unnecessary incident form fields, streamlines adoption of the system by staff and ensures the appropriate information is being collected.”
http://airt.leune.com/
“AIRT is a web-based application that has been designed and developed to support the day to day operations of a computer security incident response team. The application supports highly automated processing of incident reports and facilitates coordination of multiple incidents by a security operations center.”
http://www.bestpractical.com/index.html
“RT for Incident Response helps your CERT or CSIRT team to efficiently track computer security incidents big and small. Collaborating with staff from top Incident Response teams, we've built a tool designed to help you manage your entire incident handling workflow. RTIR builds on RT to track Incident Reports, Incidents which tie together those reports and your Investigations into root causes and ideal remediations. RTIR extends RT with custom data extraction, reporting and workflow tools as well as a user experience centered around the Incident handling process. Best Practical offers a full suite of customization, training, deployment and support services for RTIR. Please contact us for more information.”
http://www.bmc.com/products/product-listing/22735072-106757-2391.html
“Build powerful business workflow applications for Web, Windows, UNIX, and Linux environments
AR System provides a consolidated Service Process Management platform for automating and managing Service Management business processes.
that speeds the handling of
unique processes
-of-the-box workflow modules commonly used in
automating service processes, such as
notifications, escalations and approvals
tinually align with the
needs of the business
-time
management applications
Web References: Links to Web references in this document are subject to change without prior notice. These links were last verified on June 26, 2013.
Match Tools to CSIRT Functional Needs
Responding to incidents in an efficient and repeatable manner depends on having the right tools in place before incidents occur. While there are many types of tools and utilities available for different purposes, some tools support incident handling tasks well. As a security administrator for Ken 7 Windows Limited, you have been given the task of evaluating various software tools for CSIRT use. You should recommend at least one tool for each of the main CSIRT categories of functional needs. You can select from the list of functional needs given below. For each software tool, you should select the most appropriate functional need(s) it best meets.
Review the text sheet titled Tool Summary given to you as a handout. After you identify the functional needs each tool fulfills, describe which tool, or tools, you would recommend for the Ken 7 Windows Limited CSIRT. Explain the reasons for your choice.
Select from these CSIRT functional needs:
a. Tracking incidents
b. Reporting on incidents
c. Archiving incidents
d. Communicating incident information
e. Managing an incident’s tasks and activities
Software tools (note which CSIRT functional needs each product meets):
1. Archer Incident Management
2. D3 Incident Reporting
3. Application for Incident Response Teams (AIRT)
4. Request Tracker for Incident Response (RTIR)
5. BMC Remedy Action Request System
Which of the tools listed would you recommend for Ken 7 Windows Limited CSIRT? Why?

More Related Content

Similar to COM520 Written Assignment 7 Assignment Windows Incident.docx

Gartner_Critical Capabilities for SIEM 9.21.15
Gartner_Critical Capabilities for SIEM 9.21.15Gartner_Critical Capabilities for SIEM 9.21.15
Gartner_Critical Capabilities for SIEM 9.21.15Jay Steidle
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소GE코리아
 
Note This project is broken up into Windows and Mac version.pdf
Note This project is broken up into Windows and Mac version.pdfNote This project is broken up into Windows and Mac version.pdf
Note This project is broken up into Windows and Mac version.pdfsagaraccura
 
Cyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comCyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comPrescottLunt386
 
looksoftware Case Study: All Out Security
looksoftware Case Study: All Out Securitylooksoftware Case Study: All Out Security
looksoftware Case Study: All Out SecurityFresche Solutions
 
Medical Store Management System Software Engineering 1
Medical Store Management System Software Engineering 1Medical Store Management System Software Engineering 1
Medical Store Management System Software Engineering 1hani2253
 
Chapter_01.ppt
Chapter_01.pptChapter_01.ppt
Chapter_01.pptMSahibKhan
 
Employee Management System
Employee Management SystemEmployee Management System
Employee Management Systemvivek shah
 
Software Assurance CSS321Security Static Ana.docx
Software Assurance CSS321Security Static Ana.docxSoftware Assurance CSS321Security Static Ana.docx
Software Assurance CSS321Security Static Ana.docxwhitneyleman54422
 
Asp Abstracts, Sample Copy 15+ Abstracts
Asp Abstracts, Sample Copy 15+ AbstractsAsp Abstracts, Sample Copy 15+ Abstracts
Asp Abstracts, Sample Copy 15+ Abstractsncct
 
Ajith H N-Profile
Ajith H N-ProfileAjith H N-Profile
Ajith H N-ProfileAjith H N
 
Medical Store Management System Software Engineering Project
Medical Store Management System Software Engineering ProjectMedical Store Management System Software Engineering Project
Medical Store Management System Software Engineering Projecthani2253
 
SE_Lec 01_ Introduction to Software Enginerring
SE_Lec 01_ Introduction to Software EnginerringSE_Lec 01_ Introduction to Software Enginerring
SE_Lec 01_ Introduction to Software EnginerringAmr E. Mohamed
 
Design Documents (4)
Design Documents (4)Design Documents (4)
Design Documents (4)Isidro Garcia
 
Application security Best Practices Framework
Application security   Best Practices FrameworkApplication security   Best Practices Framework
Application security Best Practices FrameworkSujata Raskar
 

Similar to COM520 Written Assignment 7 Assignment Windows Incident.docx (20)

Gartner_Critical Capabilities for SIEM 9.21.15
Gartner_Critical Capabilities for SIEM 9.21.15Gartner_Critical Capabilities for SIEM 9.21.15
Gartner_Critical Capabilities for SIEM 9.21.15
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소
 
Note This project is broken up into Windows and Mac version.pdf
Note This project is broken up into Windows and Mac version.pdfNote This project is broken up into Windows and Mac version.pdf
Note This project is broken up into Windows and Mac version.pdf
 
Cyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comCyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.com
 
looksoftware Case Study: All Out Security
looksoftware Case Study: All Out Securitylooksoftware Case Study: All Out Security
looksoftware Case Study: All Out Security
 
Medical Store Management System Software Engineering 1
Medical Store Management System Software Engineering 1Medical Store Management System Software Engineering 1
Medical Store Management System Software Engineering 1
 
Chapter_01.ppt
Chapter_01.pptChapter_01.ppt
Chapter_01.ppt
 
Employee Management System
Employee Management SystemEmployee Management System
Employee Management System
 
Software Assurance CSS321Security Static Ana.docx
Software Assurance CSS321Security Static Ana.docxSoftware Assurance CSS321Security Static Ana.docx
Software Assurance CSS321Security Static Ana.docx
 
Performance testing wreaking balls
Performance testing wreaking ballsPerformance testing wreaking balls
Performance testing wreaking balls
 
AGSL brochure
AGSL brochureAGSL brochure
AGSL brochure
 
Asp Abstracts, Sample Copy 15+ Abstracts
Asp Abstracts, Sample Copy 15+ AbstractsAsp Abstracts, Sample Copy 15+ Abstracts
Asp Abstracts, Sample Copy 15+ Abstracts
 
Ajith H N-Profile
Ajith H N-ProfileAjith H N-Profile
Ajith H N-Profile
 
Resume_New
Resume_NewResume_New
Resume_New
 
SE Lecture 1.ppt
SE Lecture 1.pptSE Lecture 1.ppt
SE Lecture 1.ppt
 
SE Lecture 1.ppt
SE Lecture 1.pptSE Lecture 1.ppt
SE Lecture 1.ppt
 
Medical Store Management System Software Engineering Project
Medical Store Management System Software Engineering ProjectMedical Store Management System Software Engineering Project
Medical Store Management System Software Engineering Project
 
SE_Lec 01_ Introduction to Software Enginerring
SE_Lec 01_ Introduction to Software EnginerringSE_Lec 01_ Introduction to Software Enginerring
SE_Lec 01_ Introduction to Software Enginerring
 
Design Documents (4)
Design Documents (4)Design Documents (4)
Design Documents (4)
 
Application security Best Practices Framework
Application security   Best Practices FrameworkApplication security   Best Practices Framework
Application security Best Practices Framework
 

More from monicafrancis71118

1. Discuss Blockchains potential application in compensation system.docx
1. Discuss Blockchains potential application in compensation system.docx1. Discuss Blockchains potential application in compensation system.docx
1. Discuss Blockchains potential application in compensation system.docxmonicafrancis71118
 
1. Describe the characteristics of the aging process. Explain how so.docx
1. Describe the characteristics of the aging process. Explain how so.docx1. Describe the characteristics of the aging process. Explain how so.docx
1. Describe the characteristics of the aging process. Explain how so.docxmonicafrancis71118
 
1. Dis. 7Should we continue to collect data on race and .docx
1. Dis. 7Should we continue to collect data on race and .docx1. Dis. 7Should we continue to collect data on race and .docx
1. Dis. 7Should we continue to collect data on race and .docxmonicafrancis71118
 
1. Differentiate crisis intervention from other counseling therapeut.docx
1. Differentiate crisis intervention from other counseling therapeut.docx1. Differentiate crisis intervention from other counseling therapeut.docx
1. Differentiate crisis intervention from other counseling therapeut.docxmonicafrancis71118
 
1. Despite our rational nature, our ability to reason well is ofte.docx
1. Despite our rational nature, our ability to reason well is ofte.docx1. Despite our rational nature, our ability to reason well is ofte.docx
1. Despite our rational nature, our ability to reason well is ofte.docxmonicafrancis71118
 
1. Describe the ethical challenges faced by organizations operating .docx
1. Describe the ethical challenges faced by organizations operating .docx1. Describe the ethical challenges faced by organizations operating .docx
1. Describe the ethical challenges faced by organizations operating .docxmonicafrancis71118
 
1. Describe in your own words the anatomy of a muscle.  This sho.docx
1. Describe in your own words the anatomy of a muscle.  This sho.docx1. Describe in your own words the anatomy of a muscle.  This sho.docx
1. Describe in your own words the anatomy of a muscle.  This sho.docxmonicafrancis71118
 
1. Describe how your attitude of including aspects of health literac.docx
1. Describe how your attitude of including aspects of health literac.docx1. Describe how your attitude of including aspects of health literac.docx
1. Describe how your attitude of including aspects of health literac.docxmonicafrancis71118
 
1. Choose a behavior (such as overeating, shopping, Internet use.docx
1. Choose a behavior (such as overeating, shopping, Internet use.docx1. Choose a behavior (such as overeating, shopping, Internet use.docx
1. Choose a behavior (such as overeating, shopping, Internet use.docxmonicafrancis71118
 
1. Case 3-4 Franklin Industries’ Whistleblowing (a GVV Case)Natali.docx
1. Case 3-4 Franklin Industries’ Whistleblowing (a GVV Case)Natali.docx1. Case 3-4 Franklin Industries’ Whistleblowing (a GVV Case)Natali.docx
1. Case 3-4 Franklin Industries’ Whistleblowing (a GVV Case)Natali.docxmonicafrancis71118
 
1. Cryptography is used to protect confidential data in many areas. .docx
1. Cryptography is used to protect confidential data in many areas. .docx1. Cryptography is used to protect confidential data in many areas. .docx
1. Cryptography is used to protect confidential data in many areas. .docxmonicafrancis71118
 
1. Compare and contrast steganography and cryptography.2. Why st.docx
1. Compare and contrast steganography and cryptography.2. Why st.docx1. Compare and contrast steganography and cryptography.2. Why st.docx
1. Compare and contrast steganography and cryptography.2. Why st.docxmonicafrancis71118
 
1. Date September 13, 2017 – September 15, 2017 2. Curr.docx
1. Date September 13, 2017 – September 15, 2017 2. Curr.docx1. Date September 13, 2017 – September 15, 2017 2. Curr.docx
1. Date September 13, 2017 – September 15, 2017 2. Curr.docxmonicafrancis71118
 
1. compare and contrast predictive analytics with prescriptive and d.docx
1. compare and contrast predictive analytics with prescriptive and d.docx1. compare and contrast predictive analytics with prescriptive and d.docx
1. compare and contrast predictive analytics with prescriptive and d.docxmonicafrancis71118
 
1. Creating and maintaining relationships between home and schoo.docx
1. Creating and maintaining relationships between home and schoo.docx1. Creating and maintaining relationships between home and schoo.docx
1. Creating and maintaining relationships between home and schoo.docxmonicafrancis71118
 
1. Compare and contrast Strategic and Tactical Analysis and its .docx
1. Compare and contrast Strategic and Tactical Analysis and its .docx1. Compare and contrast Strategic and Tactical Analysis and its .docx
1. Compare and contrast Strategic and Tactical Analysis and its .docxmonicafrancis71118
 
1. Coalition ProposalVaccination Policy for Infectious Disease P.docx
1. Coalition ProposalVaccination Policy for Infectious Disease P.docx1. Coalition ProposalVaccination Policy for Infectious Disease P.docx
1. Coalition ProposalVaccination Policy for Infectious Disease P.docxmonicafrancis71118
 
1. Company Description and Backgrounda. Weight Watchers was cr.docx
1. Company Description and Backgrounda. Weight Watchers was cr.docx1. Company Description and Backgrounda. Weight Watchers was cr.docx
1. Company Description and Backgrounda. Weight Watchers was cr.docxmonicafrancis71118
 
1. Come up with TWO movie ideas -- as in for TWO screenplays that .docx
1. Come up with TWO movie ideas -- as in for TWO screenplays that .docx1. Come up with TWO movie ideas -- as in for TWO screenplays that .docx
1. Come up with TWO movie ideas -- as in for TWO screenplays that .docxmonicafrancis71118
 
1. Choose a case for the paper that interests you. Most choose a .docx
1. Choose a case for the paper that interests you.  Most choose a .docx1. Choose a case for the paper that interests you.  Most choose a .docx
1. Choose a case for the paper that interests you. Most choose a .docxmonicafrancis71118
 

More from monicafrancis71118 (20)

1. Discuss Blockchains potential application in compensation system.docx
1. Discuss Blockchains potential application in compensation system.docx1. Discuss Blockchains potential application in compensation system.docx
1. Discuss Blockchains potential application in compensation system.docx
 
1. Describe the characteristics of the aging process. Explain how so.docx
1. Describe the characteristics of the aging process. Explain how so.docx1. Describe the characteristics of the aging process. Explain how so.docx
1. Describe the characteristics of the aging process. Explain how so.docx
 
1. Dis. 7Should we continue to collect data on race and .docx
1. Dis. 7Should we continue to collect data on race and .docx1. Dis. 7Should we continue to collect data on race and .docx
1. Dis. 7Should we continue to collect data on race and .docx
 
1. Differentiate crisis intervention from other counseling therapeut.docx
1. Differentiate crisis intervention from other counseling therapeut.docx1. Differentiate crisis intervention from other counseling therapeut.docx
1. Differentiate crisis intervention from other counseling therapeut.docx
 
1. Despite our rational nature, our ability to reason well is ofte.docx
1. Despite our rational nature, our ability to reason well is ofte.docx1. Despite our rational nature, our ability to reason well is ofte.docx
1. Despite our rational nature, our ability to reason well is ofte.docx
 
1. Describe the ethical challenges faced by organizations operating .docx
1. Describe the ethical challenges faced by organizations operating .docx1. Describe the ethical challenges faced by organizations operating .docx
1. Describe the ethical challenges faced by organizations operating .docx
 
1. Describe in your own words the anatomy of a muscle.  This sho.docx
1. Describe in your own words the anatomy of a muscle.  This sho.docx1. Describe in your own words the anatomy of a muscle.  This sho.docx
1. Describe in your own words the anatomy of a muscle.  This sho.docx
 
1. Describe how your attitude of including aspects of health literac.docx
1. Describe how your attitude of including aspects of health literac.docx1. Describe how your attitude of including aspects of health literac.docx
1. Describe how your attitude of including aspects of health literac.docx
 
1. Choose a behavior (such as overeating, shopping, Internet use.docx
1. Choose a behavior (such as overeating, shopping, Internet use.docx1. Choose a behavior (such as overeating, shopping, Internet use.docx
1. Choose a behavior (such as overeating, shopping, Internet use.docx
 
1. Case 3-4 Franklin Industries’ Whistleblowing (a GVV Case)Natali.docx
1. Case 3-4 Franklin Industries’ Whistleblowing (a GVV Case)Natali.docx1. Case 3-4 Franklin Industries’ Whistleblowing (a GVV Case)Natali.docx
1. Case 3-4 Franklin Industries’ Whistleblowing (a GVV Case)Natali.docx
 
1. Cryptography is used to protect confidential data in many areas. .docx
1. Cryptography is used to protect confidential data in many areas. .docx1. Cryptography is used to protect confidential data in many areas. .docx
1. Cryptography is used to protect confidential data in many areas. .docx
 
1. Compare and contrast steganography and cryptography.2. Why st.docx
1. Compare and contrast steganography and cryptography.2. Why st.docx1. Compare and contrast steganography and cryptography.2. Why st.docx
1. Compare and contrast steganography and cryptography.2. Why st.docx
 
1. Date September 13, 2017 – September 15, 2017 2. Curr.docx
1. Date September 13, 2017 – September 15, 2017 2. Curr.docx1. Date September 13, 2017 – September 15, 2017 2. Curr.docx
1. Date September 13, 2017 – September 15, 2017 2. Curr.docx
 
1. compare and contrast predictive analytics with prescriptive and d.docx
1. compare and contrast predictive analytics with prescriptive and d.docx1. compare and contrast predictive analytics with prescriptive and d.docx
1. compare and contrast predictive analytics with prescriptive and d.docx
 
1. Creating and maintaining relationships between home and schoo.docx
1. Creating and maintaining relationships between home and schoo.docx1. Creating and maintaining relationships between home and schoo.docx
1. Creating and maintaining relationships between home and schoo.docx
 
1. Compare and contrast Strategic and Tactical Analysis and its .docx
1. Compare and contrast Strategic and Tactical Analysis and its .docx1. Compare and contrast Strategic and Tactical Analysis and its .docx
1. Compare and contrast Strategic and Tactical Analysis and its .docx
 
1. Coalition ProposalVaccination Policy for Infectious Disease P.docx
1. Coalition ProposalVaccination Policy for Infectious Disease P.docx1. Coalition ProposalVaccination Policy for Infectious Disease P.docx
1. Coalition ProposalVaccination Policy for Infectious Disease P.docx
 
1. Company Description and Backgrounda. Weight Watchers was cr.docx
1. Company Description and Backgrounda. Weight Watchers was cr.docx1. Company Description and Backgrounda. Weight Watchers was cr.docx
1. Company Description and Backgrounda. Weight Watchers was cr.docx
 
1. Come up with TWO movie ideas -- as in for TWO screenplays that .docx
1. Come up with TWO movie ideas -- as in for TWO screenplays that .docx1. Come up with TWO movie ideas -- as in for TWO screenplays that .docx
1. Come up with TWO movie ideas -- as in for TWO screenplays that .docx
 
1. Choose a case for the paper that interests you. Most choose a .docx
1. Choose a case for the paper that interests you.  Most choose a .docx1. Choose a case for the paper that interests you.  Most choose a .docx
1. Choose a case for the paper that interests you. Most choose a .docx
 

Recently uploaded

Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 -  Danh muc Sach Giao Khoa 10 . pdf1029 -  Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxShobhayan Kirtania
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
mini mental status format.docx
mini    mental       status     format.docxmini    mental       status     format.docx
mini mental status format.docxPoojaSen20
 
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...anjaliyadav012327
 

Recently uploaded (20)

Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Activity 01 - Artificial Culture (1).pdf