For every potential attack scenario, the IR team creates an incident plan, which is made up of three sets of incident-handling procedures. Briefly describe these three sets.
What will be an ideal response?
During the incident: The planners develop and document the procedures that must be performed during the incident. These procedures are grouped and assigned to individuals. Systems administrators' tasks differ from managerial tasks, so members of the planning committee must draft a set of function-specific procedures.
After the incident: Once the procedures for handling an incident are drafted, the planners develop and document the procedures that must be performed immediately after the incident has ceased. Again, separate functional areas may develop different procedures.
Before the incident: The planners draft a third set of procedures, which are those tasks that must be performed to prepare for the incident. These procedures include the details of the data backup schedules, disaster recovery preparation, training schedules, testing plans, copies of service agreements, and business continuity plans, if any.
You might also like to view...
The closer the wet-bulb and dry-bulb temperatures are to each other, the higher the ____________________.
Fill in the blank(s) with the appropriate word(s).
The ideal ON resistance of a relay is
A) 10 ?. B) 1 M?. C) 0 ?. D) infinite ?.
Heinrich’s Domino Theory has two central points: 1) injuries are caused by the preceding factors; and 2) removal of the central factor (an unsafe act or hazardous condition) negates the action of the preceding factors and, in so doing, prevents accidents and injuries.