Assessment Description
Prior to or when security measures fail, it is essential to have in place several response strategies.
Create an incident response plan that can immediately protect digital assets in the event of an attack, breach, or penetration. The incident response plan should include (but is not limited to):
Procedures to initially identify and document an incident
Procedures that will inform tactical operational managers, internal and external stakeholders, and/or individuals affected
Procedures to investigate the breach, to mitigate harm to individuals, and to protect against further breaches
Enforcement mechanisms for breaches and non-adherences
Procedures to assess the damage to the organization and estimate both the damage cost and the cost of the containment efforts
Procedures to review response and update policies
APA style is not required, but solid academic writing is expected.
Refer to "CYB-690 Incident Response Management Scoring Guide," prior to beginning the assignment to become familiar with the expectations for successful completion.
CYB- 690 Incident Response Management Scoring Guide Performance Level Ratings Meets Expectations Performance consistently met expectations in all essential areas of the assignment criteria, at times possibly exceeding expectations, and the quality of work overall was very good. The most critical goals were met. Near Expectations Performance did not consistently meet expectations. Performance failed to meet expectations in one or more essential areas of the assignment criteria, one or more of the most critical goals were not met. Below Expectations Performance was consistently below expectations in most essential areas of the assignment criteria, reasonable progress toward critical goals was not made. Significant improvement is needed in one or more important areas. Criteria Below Expectations Near Expectations Meets Expectations Earned The student presents a comprehensive incident response plan to include: Procedures to initially identify and document an incident 0 pts – 9 pts 10 pts – 14 pts 15 pts Procedures that will inform tactical operational managers, internal and external stakeholders, and/or individuals affected 0 pts – 6 pts 7 pts – 9 pts 10 pts Procedures to investigate the breach, to mitigate harm to individuals, and to protect against further breaches 0 pts – 9 pts 10 pts – 14 pts 15 pts Enforcement mechanisms for breaches and non-adherences 0 pts – 6 pts 7 pts – 9 pts 10 pts Procedures to assess the damage to the organization and estimate both the damage cost and the cost of the containment efforts 0 pts – 9 pts 10 pts – 14 pts 15 pts Procedures to review response and update policies 0 pts – 2 pts 3 pts – 4 pts 5 pts Prose is largely free of mechanical errors. The writer uses a variety of effective sentence structures, figures of speech, and industry terminology. 0 pts – 2 pts 3 pts – 4 pts 5 pts TOTAL /75 Instructor Feedback