Mitigating Risk with a Computer Incident Response Team Plan
Computer incident - violation or imminent threat of a violation of a security policy or security practice.
DoS
Malicious Code
Unauthorized access
Inappropriate usage
Multiple component
CIRT plan - formal document that outlines an organization's response to computer incidents
Members
Roles
Team Leader
Information security members
Network administrators
Physical security
Legal
HR
Communications
Responsibilities
Developing incident response procedures
Investigating incidents
Determining the cause of incidents
Recommending controls to prevent future incidents
Protecting collected evidence
Using chain of custody
Accountabilities
Policies
Incident handling process
Preparation
Detection and analysis
Containment, eradication, and recovery
Post-incident recovery
Best practices
Defining a computer security incident
Including policies in the CIRT plan to guide the CIRT members
Providing training
Including checklists
Subscribing to security notifications