
Response Team For Computer Security Term Paper

Forensics and Computer Security Incident Response Team (CSIRT) Plan Strategy

The objective of this study is to develop a forensics and security incident response team (CSIRT) plan strategy for an organization. It is reported that a "computer security incident response team (CSIRT) is a concrete organizational entity (i.e., one or more staff) that is assigned the responsibility for coordinating and supporting the response to a computer security event or incident. CSIRTs can be created for nation states or economies, governments, commercial organizations, educational institutions, and even non-profit entities. The goal of a CSIRT is to minimize and control the damage resulting from incidents, provide effective guidance for response and recovery activities, and work to prevent future incidents from happening." (Ruefle, 2007, p. 1) Incident management involves the detection of and response to security issues, specifically computer-related ones, and the protection of "critical data, assets, and systems" in order to ensure that no incidents occur. (Ruefle, 2007, p. 1)

Required for incident prevention is involvement from "a wide range of participants across the enterprise." Included are: (1) security analysts, (2) incident handlers, (3) network and system administrators, (4) human resources and public affairs staff, (5) information security...


(Ruefle, 2007, p. 1)

The CSIRT is described as a "concrete organizational entity (i.e., one or more staff) that is assigned the responsibility of providing part of the incident management capability for a particular organization. When a CSIRT exists in an organization, it is generally the focal point for coordinating and supporting incident response." (Ruefle, 2007, p. 1) Killcrece (2002) reports that the CSIRT duties include the performance of "at a minimum -- incident handling activities. This entails analyzing and resolving events and incidents that are reported by end users or are observed through proactive network and system monitoring." (Ruefle, 2007, p. 1) Specific incident handling duties of the CSIRT include the following: (1) determining the impact, scope, and nature of the event or incident; (2) understanding the technical cause of the event or incident; (3) identifying what else may have happened or other potential threats resulting from the event or incident; (4) researching and recommending solutions and workarounds; (5) coordinating and supporting the implementation of the response strategies with other parts of the enterprise…

References

Killcrece, G., Kossakowski, K. P., Ruefle, R., & Zajicek, M. (2002). CSIRT Services.

Ruefle, R. (2007). Defining Computer Security Incident Response Teams. Department of Homeland Security. Retrieved from: https://buildsecurityin.us-cert.gov/articles/best-practices/incident-management/defining-computer-security-incident-response-teams