A) C B) P C) Using NISTs SP 800-61 Computer Security Incident Handling Guide), develop an Incident Response Plan (IRP) that will address one or more of your security risks that you identified in your Risk Assessment. Google and find other actual IRPs on the Internet and review to see what type of information is included. At a minimum, your plan should include the following sections: · who will respond to the incident and notification/escalation procedures? Who is responsible for writing the IRP? · specify a training frequency · How (and how often) will you test the plan? · What defines an incident? Define some security incidents that you may encounter on your network. · What happens when an incident is detected? · How will you report and track incidents? What about capturing lessons learned? · Select one of your security risks identified in your Risk Assessment. Prepare procedures for addressing the incident in the event that the incident actually happens. In this section, address the following subsections o Preparation o Detection and Analysis o Containment o Eradication o Recovery and Post-Incident Activity (see Appendix A)
