Lab Assignment Worksheet: Creating a CIRT Response Plan for a Typical IT Infrastructure
Overview
In this lab, you explained how CIRT plans mitigate risks, you identified where CIRT monitoring and security operation tasks occur throughout an IT infrastructure, you identified the security controls and countermeasures that mitigate risk, and you created a CIRT response plan.
Lab Assignment Questions & Answers
1. What risk-mitigation security controls or security countermeasures do you recommend for the portion of the network for which you created a CIRT response plan? Explain your answer.
2. How does a CIRT plan help an organization mitigate risk?
3. How does the CIRT post-mortem review help mitigate risk?
4. Why is it a good idea to have a protocol analyzer as one of your incident response tools when examining Internet Protocol (IP) Local Area Network (LAN) network performance or connectivity issues?
5. Put the following in the proper sequence:
• Identification:
• Containment:
• Post-Mortem Review:
• Eradication:
• Preparation:
• Recovery:
6. Which step in the CIRT response methodology relates back to the recovery time objective (RTO) for critical IT systems?
7. Which step in the CIRT response methodology requires proper handling of digital evidence?
8. Which step in the CIRT response methodology requires review with executive management?
9. Which step in the CIRT response methodology requires security applications and tools readiness?