TermPaperWarehouse.com - Free Term Papers, Essays and Research Documents

The Research Paper Factory

Free Essay

Week3 Chp2

In:

Submitted By yalavarthi78
Words 1390
Pages 6
Home Computer Incident Response Plan

Introduction
This paper contains a brief Incident response for my home computers. For the purpose of this paper two departments introduced, User department and Technology services department.
Virus Attack

Before Attack
Users
* Keep anti-virus software running? * Update virus signatures at least weekly. * Attend virus awareness training. * Learn how to detect and take basic steps during a virus attack. * Perform back-ups of vulnerable data on a regular basis. * Rotate most current backup media offsite.

Technology Services * Provide education and training about virus attack awareness. * Provide education about the dangers and attack profiles of the most prevalent kinds of malware attacks. * Instruct users about proper method for data backups. * Randomly test backups using restores to ensure the quality of the backup procedures, the training, and the quality of the media. * Provide offsite backup media service. * Ensure that a current Incident Response Plan is in place to deal with active attacks and post attack situations.

After an Attack
Users
* Work with Technology services to determine the extent of data loss. * Work with Technology Services to determine the root causes. * Work with Technology Services to provide input updates to the Lessons Learned * Work with Technology Services to provide input updates to the Incident Response Plan * Work with Technology Services to provide input updates to the Security Awareness Training * After Technology Services performs the restore, verify that the data restored properly.
Technology Services * Inspect equipment to ensure there was no permanent damage. * Obtain current backup media from offsite. * Assess the extent of the damage and to determine if the attack is over * Determine if the virus has polymorphed itself into a form were it is no is a quiescent state, waiting for some random period of to launch a new attack from the inside. * Perform a restore. * Review the incident to determine how the incident happened. * Determine how to increase controls to prevent future occurrences. * Update the Lessons Learned Log. * Update the Security Education materials to incorporate the Lessons Learned.
Update the Incident Response Plan, if necessary to incorporate Lessons Learned.
During Attack
Users
* Follow training instructions that tell the user what to do when a computer is identified as being under attack. * If possible, disconnect the network cable. * If the computer is a wireless network device, shut it down immediately. * Do not attempt to fix the problem. * Do not destroy or tamper with anything, because it could be evidence if a crime occurred.
Technology Services * Be available for contact at an emergency contact number in case a computer comes under attack. * Follow the Incident response plan and help the user to remain calm. * Do not destroy or tamper with anything, because it could be evidence if a crime occurred. * Contact the owner to inform them that an attack is in progress.
Power Failure

Before Attack
Users
* Attend Information Security Awareness Training that includes information about procedures for handling power outages * Ensure that all computer equipment is working normally. * Ensure that computers with critical data have an emergency UPS power supply and it the computer is plugged into the UPS, and working properly with the UPS, * Ensure that the battery will allow time for proper shutdown. * Perform back-ups of vulnerable data on a regular basis. * Rotate most current backup media offsite. * Have a flashlight with good batteries handy in case there is a power failure.
Technology Services * Ensure that the Information Security Awareness Training that includes information about procedures for handling power outages. * Ensure that the Information Security Awareness Training which includes information about Power Outages has been conducted with the user. * Ensure that all computer equipment is working normally. * Ensure that computers with critical data have an emergency UPS power supply and that the battery will allow time for proper shutdown. * Instruct users about proper method for data backups. * Randomly test backups using restores to ensure the quality of the backup procedures, the training, and the quality of the media. * Provide offsite backup media service.
After an Attack
Users
* Work with Technology services to determine the extent of data loss. * Work with Technology Services to determine the root causes. * Work with Technology Services to provide input updates to the Lessons Learned * Work with Technology Services to provide input updates to the Incident Response Plan * Work with Technology Services to provide input updates to the Security Awareness Training * After Technology Services performs the restore, verify that the data restored properly
Technology Services * Inspect equipment to ensure there was no permanent damage. * Obtain current backup media from offsite. * Assess the extent of the damage and to determine if the power outage is over * Perform a restore. * Review the incident to determine how the incident happened. * Determine how to increase controls to prevent future occurrences. * Update the Lessons Learned Log. * Update the Security Education materials to incorporate the Lessons Learned * Update the Incident Response Plan, if necessary to incorporate Lessons Learned
During Attack
Users
* Follow training instructions that tell the user what to do when a power failure occurs * Do not attempt to fix the problem. * Do not destroy or tamper with anything, because it could be evidence if a crime occurred. * Use a flashlight to get to a safe place.
Technology Services * Be available for contact at an emergency contact number in case a power failure occurs. * Follow the Incident response plan and help the user to remain calm. * Do not destroy or tamper with anything, because it could be evidence if a crime occurred. * Contact the owner to inform them that a fire is in progress.
Water Pipe

Before Attack
Users
* Attend Information Security Awareness Training that includes information about procedures for handling burst water pipes. * Ensure that all computer equipment is working normally. * Ensure that there are water pressure detectors nearby. * Perform back-ups of vulnerable data on a regular basis. * Rotate most current backup media offsite. * Have a flashlight with good batteries handy in case there is a power failure associated with the fire.
Technology Services

* Ensure that the Information Security Awareness Training that includes information about procedures for handling burst water pipes. * Ensure that the Information Security Awareness Training which includes information about burst water pipes has been conducted with the user. * Ensure that all water pressure detectors are working normally. * Instruct users about proper method for data backups. * Randomly test backups using restores to ensure the quality of the backup procedures, the training, and the quality of the media. * Provide offsite backup media service. * Obtain current backup media from offsite. * Assess the extent of the damage and to determine if the power outage is over * Perform a restore. * Provide offsite backup media service
After an Attack
Users
* Do not destroy or tamper with anything, because it could be evidence if a crime occurred. * Work with Technology services to determine the extent of data and equipment loss. * Work with Technology Services to acquire new equipment if necessary. * Work with Technology Services to determine the root causes. * Work with Technology Services to provide input updates to the Lessons Learned * Work with Technology Services to provide input updates to the Incident Response Plan * Work with Technology Services to provide input updates to the Security Awareness Training * After Technology Services performs the restore, verify that the data restored properly
Technology Services * Do not destroy or tamper with anything, because it could be evidence if a crime occurred. * Assess the extent of the damage. * Determine if new equipment is required. If so, work through the owner to purchase it. * Obtain current backup media from offsite. * Perform a restore. * Review the incident to determine how the incident happened. * Determine how to increase controls to prevent future occurrences. * Update the Lessons Learned Log. * Update the Security Education materials to incorporate the Lessons Learned. * Update the Incident Response Plan, if necessary to incorporate Lessons Learned
During Attack
Users
* Call Technology Services. * Follow training instructions that tell the user what to do when a burst water pipe occurs. * Turn off computer equipment. * If the flooding becomes severe, evacuate the building.
Technology Services * Be available for contact at an emergency contact number in case a burst water pipe occurs. * Follow the Incident response plan and help the user to remain calm. * Do not destroy or tamper with anything, because it could be evidence if a crime occurred. * Contact the owner to inform them that a burst water pipe situation is in progress.

Similar Documents

Popular Essays

Comapany Data Essay
Insurance Matrix Essay
Education Preparedness Essay
Covidien Company Info Essay
Air Canada Maitenix Essay
Workplace Ethical Dilemma Essay