Mega Corp Assignment
1. Preparation
Preparation is the first stage of incident response and is essential for every organization, because
it prepares the organization for the worst. It identifies how an incident starts and how to recover
from it, and defines a way to get everything back to a normal state. It also creates and establishes
security policies.
2. Identification
The purpose of identification is to identify the actual incident. Initially you want an answer from
your team about one or more unusual activities. After the answer has been established, you would
check the affected system and its areas to identify the actual incident.
3. Containment
Once the incident has been identified by your team, the next step is to contain the issue, and for this the
Now your team comes to know what actually happened to your computer or system.
5. Eradication
It is the process of getting rid of the actual issue. The restriction for this process is that it should take
6. Recovery
Recovery is the process of getting back to normal after you have got rid of the issue from the infected computer,
7. Follow-Up
After everything has been returned to normal there are a few follow-up questions that should be
IT Assets
To bring changes to your IT structure and assets, build business cases that help govern and
measure the delivery of information technology. The design of IT roadmaps must be in sync with
functional and business goals, and stakeholder roles and responsibilities must be
defined. Work with your team, which manages the investments in your business processes, to
maximize value, assess the use of existing technology and operations, modernize infrastructure
“Project controls are the data gathering, management and analytical processes used to predict,
understand and constructively influence the time and cost outcomes of a project or program;
through the communication of information in formats that assist effective management and
Development of project strategy by defining methods that will enhance the outcomes of the
project.
Risk management, which will include assessing and analyzing risks for a project,
cataloging risks that happened in the past, and addressing the question of how to avoid future risks.
To properly respond to and address incidents across the organization, a centrally organized team
must be prepared to respond to these incidents. This team will handle incidents across the
organization, is responsible for analyzing breaches of the organization’s security, and would be able
to take any necessary responsive measures in case of any incident (Holley, James, 2001). This
IR team should consist of the core group of people listed below:
Incident Response Manager: The team manager would be responsible for the appropriate
actions against the incidents and also oversees and prioritizes actions during the
conveying the special requirements for incidents that are of high severity to the rest of the
organization.
Security Analysts: The team of security analysts supports the manager and
works directly with the affected network to research and analyze the time, location and
further details of the incident. The two types of analysts are listed below:
Triage Analysts: This team filters out false positives and watches for potential
intrusions.
Forensic Analysts: Their work is to recover key artifacts and maintain
http://crime.about.com/newsissues/crime/gi/dynamic/offsite.htm?site=http%3A% 2F%2Fknock-