An incident response plan is a set of procedures and responsibilities for an organisation in the event of a cyber-related disruption, such as a phishing attack or a data breach. A XYZ company employee unintentionally downloaded malware onto their system after clicking on a phishing email. The malware was able to spread to other network systems, allowing the attackers to steal sensitive data from the company's servers. As the team lead of a Computer Incident Response Team (CIRT) of the XYZ company, create an incident response plan to assist the company in effectively responding to and managing the incident as indicated above, minimising damage and downtime, and restoring normal operations as soon as possible. Your proposed plan must incorporate SANS Structured Six Steps with appropriate technology services and user management strategies, to address the following three conditions: Before attack for preparation (5%) During attack for identification (5%) After attack for response (5%)
An incident response plan is a set of procedures and responsibilities for an organisation in the event of a cyber-related disruption, such as a phishing attack or a data breach. A XYZ company employee unintentionally downloaded malware onto their system after clicking on a phishing email. The malware was able to spread to other network systems, allowing the attackers to steal sensitive data from the company's servers. As the team lead of a Computer Incident Response Team (CIRT) of the XYZ company, create an incident response plan to assist the company in effectively responding to and managing the incident as indicated above, minimising damage and downtime, and restoring normal operations as soon as possible. Your proposed plan must incorporate SANS Structured Six Steps with appropriate technology services and user management strategies, to address the following three conditions:
Before attack for preparation (5%)
During attack for identification (5%)
After attack for response (5%)
Step by step
Solved in 5 steps