CIS 359 Week 6 Assignment 3 Incident Response (IR) Strategic Decisions

In: Business and Management

Submitted By Laynebaril
Words 403
Pages 2


Suppose that you have been alerted of a potential incident involving a suspected worm spreading via buffer overflow techniques, compromising Microsoft IIS Web servers. As the IR Team leader, it is your responsibility to determine the next steps. Write a two to three (2-3) page paper in which you:
1. Explain in detail the initial steps that would need to be made by you and the IR team in order to respond to this potential incident.
2. Construct a process-flow diagram that illustrates the process of determining the incident containment strategy that would be used in this scenario, and identify which containment strategy would be appropriate in this case, through the use of graphical tools in Visio, or an open source alternative such as Dia. Note: The graphically depicted solution is not included in the required page length.
3. Construct a process flow diagram to illustrate the process(es) for determining if / when notification of the incident should be relayed to upper management, and explain how those communications should be structured and relayed through the use of graphical tools in Visio, or an open source alternative such as Dia. Note: The graphically depicted solution is not included in the required page length.
4. Detail the incident recovery processes for the resolution of this incident.
5. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must…...

Similar Documents

CIS 359 Week 3 Case Study 1: Stuxnet and U.S. Incident Response

...CIS 359 Week 3 Case Study 1: Stuxnet and U.S. Incident Response Case Study 1: Stuxnet and U.S. Incident Response Week 3 Read the article titled “When Stuxnet Hit the Homeland: Government Response to the Rescue,” from ABC News, located at http://abcnews.go.com/blogs/headlines/2012/06/when-stuxnet-hit-the-homeland-government-response-to-the-rescue/ and consider this threat in terms of incident response and recovery procedures. Write a three to four (3-4) page paper in which you: 1. Explain the role of US-CERT in protecting the nation’s industrial systems and analyze its efforts in relation to preparedness and incident and recovery management. 2. Discuss the efforts of ICS-CERT specifically to the Stuxnet threat and examine its incident response efforts to mitigate this risk against U.S. industrial systems. 3. With the sophistication of the primary sites of industrial system implementations, determine whether or not alternate sites (e.g., hot site) are feasible for organizations that utilize ICS technologies. Provide a rationale. 4. Explain the high-level planning needed for an industrial systems organization that utilizes ICS technologies to prepare for attacks from cyber threats such as Stuxnet. 5. Use at least four (4) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as......

Words: 384 - Pages: 2

CIS 359 Week 4 Assignment 2: Incident Response (IR) Revamp

...CIS 359 Week 4 Assignment 2: Incident Response (IR) Revamp Assignment 2: Incident Response (IR) Revamp Week 4 Imagine you have just taken over the manager position for your organization’s incident response team, after coming from another division in the company. Your first realization is that proper procedures, best practices, and sound technologies are not being utilized. You decide to revamp the team’s efforts. Write a two to three (2-3) page paper in which you: 1. Explicate the main efforts that would be included in the incident response efforts, including but not limited to personnel and team structure, tools and utilities, and proper procedures. 2. Discuss in detail the role that an IDS / IPS would play in the IR efforts, and explain how these systems can assist in the event notification, determination, and escalation processes. 3. Explain how the NIST SP800-61, Rev. 1 could assist the personnel in classifying incidents so each is identified appropriately and the proper incident-handling procedures are taken. 4. Explain how the use of log management systems (e.g., Splunk) could be a legitimate and useful component of the IR efforts, and describe the potential issues that could arise if not utilized. 5. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not......

Words: 383 - Pages: 2
