Design an incident response plan for your home computer. Include actions to be taken if one of the following events occurs:
1. Virus Attack
2. Power Failure
3. Fire
4. Burst Water pipe

Incident Response Plan

1.0 Overview

This incident response plan defines what constitutes a security incident and outlines the incident response phases. This incident response plan document discusses how information is passed to the appropriate personnel, assessment of the incident, minimising damage and response strategy, documentation, and preservation of evidence. The incident response plan will define areas of responsibility and establish procedures for handling various security incidents. This document discusses the considerations required to build an incident response plan.

2.0 Purpose

This policy is designed to protect the organizational resources against intrusion.

3.0 Incident Response Goals

1. Verify that an incident occurred.
2. Maintain or restore business continuity.
3. Reduce the incident impact.
4. Determine how the attack was done or the incident happened.
5. Prevent future attacks or incidents.
6. Improve security and incident response.
7. Prosecute illegal activity.
8. Keep management informed of the situation and response.

4.0 Incident Definition

An incident is any one or more of the following:

1. Loss of information confidentiality (data theft).
2. Compromise of information integrity (damage to data or unauthorized modification).
3. Theft of physical IT assets including computers, storage devices, printers, etc.
4. Damage to physical IT assets including computers, storage devices, printers, etc.
5. Denial of service.
6. Misuse of services, information, or assets.
7. Infection of systems by unauthorized or hostile software.
8. An attempt at unauthorized access.
9. Unauthorized changes to organizational hardware, software, or configuration.
10. Reports of unusual system behavior.
11. Responses to intrusion detection alarms.

5.0 Incident Planning

In the incident response plan, do the following:

1. Define roles and responsibilities.
2. Establish procedures detailing actions taken during the incident.
   1. Detail actions based on type of incident such as a virus, hacker intrusion, data theft, system destruction.
   2. Procedures should consider how critical the threatened system or data is.
   3. Consider whether the incident is ongoing or done.

6.0 Incident Response Life cycle

1. Incident Preparation
   1. Policies and Procedures
      1.1. Computer Security Policies - These involve many policies including password policies, intrusion detection, computer property control, data assessment, and others.
      1.2. Incident Response Procedures
      1.3. Backup and Recovery Procedures
   2. Implement policies with security tools including firewalls, intrusion detection systems, and other required items.
   3. Post warning banners against unauthorized use at system points of access.
   4. Establish Response Guidelines by considering and discussing possible scenarios.
   5. Train users about computer security and train IT staff in handling security situations and recognizing intrusions.
   6. Establish Contacts - Incident response team member contact information should be readily available. An emergency contact procedure should be established. There should be one contact list with names listed by contact priority.
   7. Test the process.
2. Discovery - Someone discovers something not right or suspicious. This may be from any of several sources:
   1. Helpdesk
   2. Intrusion detection system
   3. A system administrator
   4. A firewall administrator
   5. A business partner
   6. A monitoring team
   7. A manager
   8. The security department or a security person.
   9. An outside source.
3. Notification - The emergency contact procedure is used to contact the incident response team.

Top Answer

Dear Student Please find...

Computer Science-8216538.doc

Incident Response plan for Personal Computer from different problems is listed
Key Features of the Planning – Before, after and at the time of attack instructions that
are required to be...
