
According to “Introduction to Information Security: A Strategic-based Approach”


Question

According to the book “Introduction to Information Security: A Strategic-based Approach”, five steps can be used to summarize the computer security incident handling process: identification, containment, eradication, recovery, and lessons learned. In the following: Alberts, Chris and Dorofee, Audrey and Killcrece, Georgia and Ruefle, Robin and Zajicek, Mark, "Defining incident management processes for CSIRTs: A work in progress" [http://www.sei.cmu.edu/reports/04tr015.pdf], Software Engineering Institute, CERT Coordination Center (2004), incident response is defined differently; it is defined as what? How are the two summaries related?

Explanation / Answer

In the security and CSIRT community, incident response and incident handling are used to define the activities of a CSIRT. Incident response is one process, which is the last step in incident handling. They believe that incident handling and incident response are a part of the range of work that can be done which actually bound a larger set of activities that we refer to as incident management. Incident response is the process that includes the planning, coordination, and execution of any appropriate mitigation and recovery strategies and actions.

The scope of our definition of incident management is preventing and handling computer security incidents. This includes identifying and minimizing the impact of technical liabilities in software or hardware that may expose computing infrastructures to attacks or compromise, thereby causing incidents. The boundary line between the two often depends on the structure of an organization’s security or incident management capabilities. Security management bounds all of the functions and actions necessary to secure and protect an organization’s critical assets, and this is much broader in scope than incident management.

Security management includes risk management, audit, access control, account management, asset management, physical security, security policies, configuration management, change and patch management, disaster recovery, and business continuity. Security management applies risk management approaches to help choose the most effective course of action. Incident management may use many of these capabilities, such as patch management, configuration management, or security policies. But incident management is not responsible for establishing and maintaining these capabilities. Security management provides a framework within which the execution of incident management processes occurs.
