Answered You can buy a ready-made answer or pick a professional tutor to order an original one.

QUESTION

Using your favorite search engine, search for a sample incident response plan. Review the plan. Describe the key components within the incident response plan you identified. Be sure to cite the plan b

Using your favorite search engine, search for a sample incident response plan. Review the plan.

  1. Describe the key components within the incident response plan you identified. Be sure to cite the plan by including a link.

In your browser, navigate to “A Six-Stage Methodology for Incident Response,” at  http://my.safaribooksonline.com/book/networking/incident-response/1578702569/a-methodology-for-incident-response/ch03lev1sec2. Review the six steps listed on the website.

2. Outline the six-step methodology for performing incident response. List each step and its purpose. How closely does the plan that you reviewed follow this methodology?

Navigate to “Security Policy Templates” at https://www.sans.org/information-security-policy/, then locate and review the “Security Response Plan Policy”.

3. Describe how this policy would be associated with an incident response plan.

Review the following characteristics of the fictional Bankwise Credit Union: 

  • The organization is a local credit union that has several branches and locations throughout the region.
  • Online banking and use of the internet are the bank’s strengths, given its limited human resources.
  • The customer service department is the organization’s most critical business function.
  • The organization wants to be in compliance with the Gramm-Leach-Bliley Act (GLBA) and IT security best practices regarding its employees.
  • The organization wants to monitor and control use of the internet by implementing content filtering.
  • The organization wants to eliminate personal use of organization-owned IT assets and systems.
  • The organization wants to monitor and control use of the e-mail system by implementing e-mail security controls.
  • The organization wants to implement this policy for all the IT assets it owns and to incorporate this policy review into its annual security awareness training.
  • The organization wants to create an incident response team to deal with security breaches and other incidents if attacked and provide full authority for the team to perform whatever activities are needed to maintain chain of custody in performing forensics and evidence collection.
  • The organization wants to implement this policy throughout the organization to provide full authority during a crisis to the incident response team over all physical facilities, IT assets, IT systems, applications, and data owned by the organization.
  1. Create an incident response policy that grants team members full access and authority to perform forensics and maintain a chain of custody for physical evidence containment. Create this policy for the Bankwise Credit Union.

Bankwise Credit UnionIncident Response Team - Access and Authorization Policy

Policy StatementInsert policy verbiage here.

Purpose/ObjectivesInsert the policy’s purpose as well as its objectives; use a bulleted list for the policy definition. Define the incident response team members and the authorization and authority granted to them during a crisis or while securing an incident situation.

ScopeDefine this policy’s scope and whom it covers. What elements, IT assets, or organization-owned assets are within the scope of this policy? What access and authority are granted to the incident response team members that may be outside of standard protocol?

StandardsDoes this policy point to any hardware, software, or configuration standards? If so, list them here and explain the relationship of this policy to these standards

ProceduresExplain how you intend to implement this policy across the organization. Also, define and incorporate the six-step incident response approach here along with how the chain of custody must be maintained throughout any evidence collection process.

GuidelinesExplain any roadblocks or implementation issues that you must address in this section and how you will overcome them per defined policy guidelines.

Having an incident response plan is a great first step. However, if the plan is never tested, it likely will not work in a scenario when needed. One way to test an incident response plan is to execute a tabletop exercise. During a tabletop exercise, a probable scenario is created, and all incident response team members are required to meet and discuss the scenario. The purpose of the exercise is to see which parts of the plan work well and which parts fail. Once the exercise has been completed, the incident response team (along with policy and plan writers and other stakeholders) meet to update the plan as necessary.

As the CISO and leader of the organization’s incident response team, you are required to hold an annual tabletop exercise involving the incident response team.  Before the exercise can begin, you must complete the following tasks:

Q. Identify and define an incident scenario for Bankwise Credit Union. The incident must involve some type of cybersecurity issue.

Q. Create a brief abstract of the scenario to be approved by C-level executives.

Show more
kolek
kolek
  • @
  • 19 orders completed
ANSWER

Tutor has posted answer for $10.00. See answer's preview

$10.00

**** attachment ****

Click here to download attached files: information systems work edited.docx
or Buy custom answer
LEARN MORE EFFECTIVELY AND GET BETTER GRADES!
Ask a Question