Incident Response Plan

Topics:
Words:
488
Page:
1
This essay sample was donated by a student to help the academic community. Papers provided by EduBirdie writers usually outdo students' samples.

Cite this essay cite-image

Introduction

Incident response plan presents a list of responses to an intrusion and a series of actions to stop an intrusion before it will cause damage an action plan has to include all possible result of analysis as well as actions it has too to cover critical and informational alerts and it should of course be accessible to all employees in the workplace..

Preparation

Preparation presents how employees should be trained to respond to incidents in the workplace, an employee should contact the IT Help Desk immediately after discovering an incident. The Help Desk will store information about an incident like the name of the employee who calls him, the source of the incident, the time, the location of equipment.Next; he has to contact the responsible employee referring to the contact list of the Incident Response team. He has to log the information received and add information to the report like the name of the attacked systems, IP address.

Save your time!
We can take care of your essay
  • Proper editing and formatting
  • Free revision, title page, and bibliography
  • Flexible prices and money-back guarantee
Place an order
document

Identification

The incident response team members contacted will meet to discuss the situation and assure that the event is a security incident, and discuss the response strategy that they will apply for example installation of security information and event management (SIEM), so that even logbooks can be proactively analyzed and acted upon or using a honeypot system to log all the attackers’ activities and study their behavior which is nothing but a server that offers any kind of services to the attacker with critical vulnerabilities, the type of incident (high, medium or Low),kind of incident because computer incidents require specific Incident Response Team activation.

Confinement

Here they try to limit the damage and isolate the affected systems to avoid probable damage, so usually, they shut down the systems so they stop the attack and assure preserving evidence.

Eradication

It’s time to do a root cause analysis to find out why the incident occurred and how to prevent it from occurring again. Act immediately to get the investigation started before valuable evidence is deleted including reviewing of system logs, reviewing intrusion detection or firewall logs, collection, and revision of log files, Reports from network monitoring programs, Detection of unauthorized services installed, any changes in the password file..

Recovery

In this phase they will restore the affected systems to be sure that all vulnerabilities have been removed, the vulnerability must be analyzed on each system before any correction.

Lessons learned

The IT team will revise the incident response plan they should update it according to what they learn from the incident, and improve future response so the incident doesn’t happen again. They must complete an incident report and outline it. they should make sure that the logs have been configured to be sent to a commercial log collection, and that their analysis product runs various logs summaries like trends to observe the big picture(Most Attacked Ports, Main Event Types) As well as Previously Invisible Events to discover rare but critical events in newspapers..

Make sure you submit a unique essay

Our writers will provide you with an essay sample written from scratch: any topic, any deadline, any instructions.

Cite this paper

Incident Response Plan. (2022, February 17). Edubirdie. Retrieved December 2, 2024, from https://edubirdie.com/examples/incident-response-plan/
“Incident Response Plan.” Edubirdie, 17 Feb. 2022, edubirdie.com/examples/incident-response-plan/
Incident Response Plan. [online]. Available at: <https://edubirdie.com/examples/incident-response-plan/> [Accessed 2 Dec. 2024].
Incident Response Plan [Internet]. Edubirdie. 2022 Feb 17 [cited 2024 Dec 2]. Available from: https://edubirdie.com/examples/incident-response-plan/
copy

Join our 150k of happy users

  • Get original paper written according to your instructions
  • Save time for what matters most
Place an order

Fair Use Policy

EduBirdie considers academic integrity to be the essential part of the learning process and does not support any violation of the academic standards. Should you have any questions regarding our Fair Use Policy or become aware of any violations, please do not hesitate to contact us via support@edubirdie.com.

Check it out!
close
search Stuck on your essay?

We are here 24/7 to write your paper in as fast as 3 hours.