Our Services

Get 15% Discount on your First Order

[rank_math_breadcrumb]

LAB

see attached

2

Creating an Incident Response Policy

Regardless of whether an organization’s policies are perfect, the staff is superior, or the walls are impenetrable, a time will come when an incident occurs. Whether it is a security breach, or an employee is exploited by social engineering, an incident will take place and the organization had better be prepared for it.

In this lab, you will define the purpose of an incident response team (IRT) and identify major elements of an incident response methodology. You will also identify critical management, human resources, legal, information technology (IT), and information systems security personnel required for the incident response team. You will create an incident response policy that defines the incident response team’s purpose and goal and the authority granted during an incident. This is a Theory Lab and does not require the use of a virtual environment.

This lab has two parts, which should be completed in the order specified.

1. In the first part of the lab, you will conduct research on incident response.

2. In the second part of the lab, you will design your own incident response policy.

Part 1: Research Incident Response Plans

1. Using your favorite search engine, search for a sample incident response plan.

2. Review the plan.

3. Describe the key components within the incident response plan you identified. Be sure to cite the plan by including a link.

4. In your browser, navigate to A Six-Stage Methodology for Incident Response.

5. Review the six steps listed on the website.

6. Outline the six-step methodology for performing incident response. List each step and its purpose. How closely does the plan that you reviewed follow this methodology?

Part 2: Create an Incident Response Policy

1. Navigate to the Security Policy Templates webpage, then locate and review the Security Response Plan Policy.

2. Describe how this policy would be associated with an incident response plan.

3. Review the following characteristics of the fictional Bankwise Credit Union:

4. The organization is a local credit union that has several branches and locations throughout the region.

a. Online banking and use of the internet are the bank’s strengths, given its limited human resources.

b. The customer service department is the organization’s most critical business function.

c. The organization wants to be in compliance with the Gramm-Leach-Bliley Act (GLBA) and information technology (IT) security best practices regarding its employees.

d. The organization wants to monitor and control use of the internet by implementing content filtering.

e. The organization wants to eliminate personal use of organization-owned IT assets and systems.

f. The organization wants to monitor and control use of the email system by implementing email security controls.

g. The organization wants to implement this policy for all the IT assets it owns and to incorporate this policy review into its annual security awareness training.

h. The organization wants to create an incident response team to deal with security breaches and other incidents if attacked and provide full authority for the team to perform whatever activities are needed to maintain chain of custody in performing forensics and evidence collection.

i. The organization wants to implement this policy throughout the organization to provide full authority during a crisis to the incident response team over all physical facilities, IT assets, IT systems, applications, and data owned by the organization. Create an incident response policy that grants team members full access and authority to perform forensics and maintain a chain of custody for physical evidence containment.

5. Create this policy for the Bankwise Credit Union. The policy should include the following elements.

a. Policy Statement

b. Purpose/Objectives

c. Scope

d. Standards

e. Procedures

f. Guidelines

When you have completed the lab, click the “Download Lab Report as PDF” icon,

Share This Post

Email
WhatsApp
Facebook
Twitter
LinkedIn
Pinterest
Reddit

Order a Similar Paper and get 15% Discount on your First Order

Related Questions

Failed Software Project

  Your business sponsor is concerned that your project may fail. As you know, developing software applications is very risky; thus, failure is a distinct option. Using a project that you have experience with or locate online, describe why software development projects fail, and how to reduce the risk of

V

See attached Should organizations have data or information owners? Please explain why or why not. Consider the costs, roles, and responsibilities for the data and information. Course Textbook(s) Santos, O. (2019). Developing cybersecurity programs and policies (3rd ed.). Pearson.

Journal

See attached Compose a 300-word essay addressing/answering the following questions: 1. Describe the characteristics of a cybersecurity policy. Who would create this policy? Who would be affected by it? 2. Explain how cybersecurity policies can help reduce the threats to an organization. Which threats are the hardest to protect against

Challenges for Software Development

 Week 2 Discussion – Challenges for Software Development You have been assigned as the project manager of a critical software project for your firm. Your firm wants to use the Project Management Body of Knowledge (PMBOK Guide) as a framework for project management. PMBOK is based upon five process groups.

ISO Consultants

Secure your certification with the aid of Isoconsultantsuk.co.uk, a leading provider of ISO training and support services. Embark on your adventure now.

Article

Assignment Instructions Scenario: Technical managers are often required to explain technologies and make business cases to leadership.  Technology managers need the skills to summarize and assess technical articles and publications.  Then they need to make and pitch a business case to non-technical leadership/executives.  In my experience, managers that are capable of

CASE STUDY 4303

See attached. Policy Writing Approach Refer to “Case Study: Policy Writing Approach” found on page 102 of your textbook and copied below. Regional Bank has been growing rapidly. In the past two years, it has acquired six smaller financial institutions. The long-term strategic plan is for the bank to keep

SLP 3 – 25

Please help me Module 3 – SLP E-Business, E-Commerce, and M-Commerce The trouble with credit cards online is providing your credit card credentials to a seller. With companies such as PayPal, you do not have to provide those credentials to the seller and your credit card credentials are with the

Case 3 – 25

I need help Module 3 – Case E-Business, E-Commerce, and M-Commerce Assignment Overview The Case Assignment for this module involves your understanding the e-business sector as a component of the information technology revolution that is evolving from Web 2.0 to Web 3.0. As usual, we have identified some salient sources

SLP 2 – 25

I need help with my homework assignment!  Module 2 – SLP IT Services and Cloud Computing If Cloud computing is the greatest thing for business since sliced bread, then by extension, it certainly ought to be the greatest thing for education since chalk. In point of fact, a relatively large

Case 2 – 25

Need help please Module 2 – Case IT Services and Cloud Computing Assignment Overview The Case Assignment for this module involves thinking systematically about the IT services movement in general and about cloud computing as a particular instance of that approach. You will start by reviewing a number of sources

SLP 1 – 25

Need help with my homework Module 1 – SLP Web 2.0 and Social Networks The purpose of the Session Long Project in Trident University classes is to give you the opportunity to explore the applicability of the module to your own life, work, and place in space and time, and

Case 1 – 25

I need help with my homework please.  Module 1 – Case Web 2.0 and Social Networks Assignment Overview In this Case Assignment, you are exploring the technological underpinnings of the Internet. The objective of this Case is to better understand the evolution of the Web from Web 1.0 and Web

SP DB

See attached. In your own words, please discuss a cybersecurity policy with which you are familiar. The example can come from work, school, or a business relationship. You can also research organizational policies posted online. Give a brief description of the policy. What is the purpose and value of the

Changes in existing interview question for Info I’m attaching th topic

Topic:   Enhancing Cybersecurity in IoT Networks: A Comprehensive Study on Threat Detection and Mitigation Strategies · Details about the research (Background, methodology, research questions) · ·  The rapid proliferation of IoT devices has opened up new avenues for cyber threats. Securing these devices has become increasingly complicated, as over 75 billion

Active directory automation

Need help to get an assignment done. Requirements are VMware, windows server core (not the full GUI). PowerShell Automation for Active Directory Submission Template Screenshot 1 Onboarding New Users from CSV Single screenshot showing: Script output (e.g. “Created user: jdoe”). Get-ADUser results for those SamAccountNames. Your custom prompt (server name

HIMS 11

  Assignment Instructions:  Using the Patient Healthcare Data in the attached Excel file (attached below), construct a 3-D Clustered Column Chart depicting the three healthcare parameters (weight, height, age), and title this chart ” Patient Healthcare Data” at the top center and show Legend at the bottom. After reviewing the

Governance, Ethics, and Security

 Assume the role of an IT security consultant who has been contacted by a company to provide them with a written code of IT conduct for its employees and a security policy for the firm. In preparation for undertaking this large job, prepare a proposal explaining what topics you will