Question

In reference to risk managment strategies, what is the purpose and critical success factors of a computer incident response team and an incident response plan? what are the major parts of an incident response plan?

Answer 1

?The purpose and critical success factors of a computer incident response team and an incedent response plan are as follows:

• The team allows you to quickly pre-establishing the response of an incident and also helps in minimizing the potential damage .
• It helps in reducing the harms that are related with incidents, this helps to save your business.
• It helps to separate ISPs and seurity services and also educate staff and the administrators. It increases general security and helps in corordinating responses from a single point.
• As it prepares everything in advance, the cost can be minimized and also the damages related to this will be minimized.

The major parts of Incident response plan are as follows:

• Preparation: This step inludes the incident response planning to ensure that all the employees of the organization are properly trained about their roles and responsibilities regarding incident response plan.
• Identification: This step includes the checking of whether the incident has breached or not. Identfying about what have breached helps in knowing about the affeted areas quikly.
• Containment: This step inludes deleting everything, when it is discovered that there is a breahed condition developed. You can devise a plan to mitigate from the damages caused by the breached situation.
• Eradication: It helps to identify the root cause of breach and thereby eliminating it then and there. It includes removing all the malwares and all the updates should run on time.
• Recovery: In this step, all the affeted systems are reovered and mostly returned back in the business environment again.
• Lessons Learned: It includes having an after action meeting after the completion of the investigation It includes documenting everthing related to the breach.

?