0% found this document useful (0 votes)

19 views6 pages

Sainik

Uploaded by

sushil

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

19 views6 pages

Sainik

Uploaded by

sushil

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

You are on page 1/ 6

Functional unit

no
Inform functional

Supervisor

unit supervisor

actions.
yes

Functional Unit Supervisor's Actions

Is it a
Functional unit
recognized Report
incident to Ongoing
Supervisor yes
security
Security Unit incident
actions.
incident?

Verify configuration.
Record current status
of environment.

Contain, isolate and

Create status Security Unit

characterize the Has 24
hours passed? yes

report to security support and

problem for up to 2

unit monitoring.
hours

Inform
security unit
Incident has been
of un-
no
characterized
characterized

incident

yes

Incident with previously

Follow unit's

Submit incident
documented mitigation yes
procedures to End of incident

report to ISO
steps?
resolve.

109 Security Incident Response Flow Diagram

SECURITY INCIDENT FLOW
Security Incident Investigation
DIAGRAM PAGE 2
Search for new
security incidents
with known
Security Unit information
Incident
Security
Functional unit
support and
Response team
incident? no
no provides report to
monitoring.
recommended or

ISO
Advise on actions
requested?
to take in the event
a security incident
is established
yes

End of incident

Incident Response Team

yes

CIO and CISO invoke

Team ensures
Supervisor informs
Incident response team
an incident response
containment or
their Executive
leader (ISO or
Ongoing team to be formed with
isolation of the
Management.
designee) executes
incident appropriate
incident
ISO informs CISO.
team formation
membership.

procedure
Mitigate further
Co-ordinate other
Protect and collect all
Communicate to
damage or loss to
resources, SMEs,
available information for
management and
data or the
vendors and
forensic analysis
PIOs
infrastructure
appropriate authorities.

Follow published
Functional unit(s)
structured
for impacted area(s)
methodology Analyze all available
will publish
guidelines and best information
workarounds, fixes
practices
and

recommendations

Implement
Publish new or modify
recomendations.
existing guidelines, best
no
Hold a post incident

practices,

meeting
Restore normal
configurations. and
operations
checklists.
yes

Report out
as
necessary to
Publish Security
CIO and CISO approve management
teams, Incident Report Form. End of incident
recommendations and PIOs and
appropriate Disband incident team.
restoration of service?
authorities

109 Security Incident Response Flow Diagram

Help
No ratings yet
Help
6 pages
Arguement
No ratings yet
Arguement
5 pages
Predictions
No ratings yet
Predictions
5 pages
Lesson 5 - Incident Management
No ratings yet
Lesson 5 - Incident Management
21 pages
CSIHF Incident Form Checklist
No ratings yet
CSIHF Incident Form Checklist
1 page
Incident Handling - Step by Step
100% (1)
Incident Handling - Step by Step
27 pages
Incident Report Form
100% (1)
Incident Report Form
3 pages
Incident Response Lifecycle
No ratings yet
Incident Response Lifecycle
4 pages
109 Security Incident Response Flow Diagram
100% (3)
109 Security Incident Response Flow Diagram
2 pages
Week 11 - BK
No ratings yet
Week 11 - BK
14 pages
Incident Handling-1
No ratings yet
Incident Handling-1
68 pages
Chapter 1
No ratings yet
Chapter 1
4 pages
Incident Response Essentials
No ratings yet
Incident Response Essentials
3 pages
Ilovepdf Merged Pagenumber
No ratings yet
Ilovepdf Merged Pagenumber
19 pages
Incident Response Guide
No ratings yet
Incident Response Guide
15 pages
OTML Incident Investigation Report Template
No ratings yet
OTML Incident Investigation Report Template
13 pages
Cyberops Course
No ratings yet
Cyberops Course
3 pages
SOC Framework: Strategies & Processes
No ratings yet
SOC Framework: Strategies & Processes
34 pages
Incident Response Checklist
No ratings yet
Incident Response Checklist
3 pages
SAF-WP-IMS-007-Rev-01 (IRI Procedure)
No ratings yet
SAF-WP-IMS-007-Rev-01 (IRI Procedure)
42 pages
Cyber Analyst
No ratings yet
Cyber Analyst
36 pages
Workplace Safety Incident Form
No ratings yet
Workplace Safety Incident Form
3 pages
NAS Safety Culture Toolkit Incident Investigation Review Job Aid FINAL
No ratings yet
NAS Safety Culture Toolkit Incident Investigation Review Job Aid FINAL
1 page
16-Module 5-14-09-2024
No ratings yet
16-Module 5-14-09-2024
26 pages
Hira Mechanical
No ratings yet
Hira Mechanical
16 pages
Cybersecurity Incident Response Guide
No ratings yet
Cybersecurity Incident Response Guide
25 pages
CIRT Policy for ABC Credit Union
No ratings yet
CIRT Policy for ABC Credit Union
8 pages
Audit Report
No ratings yet
Audit Report
3 pages
Incident Response Ebook PDF
No ratings yet
Incident Response Ebook PDF
38 pages
Security Plan 5
No ratings yet
Security Plan 5
7 pages
Cyber Incident Response Guide
100% (2)
Cyber Incident Response Guide
10 pages
Incident Response
100% (1)
Incident Response
6 pages
Incident Response Notes
No ratings yet
Incident Response Notes
36 pages
Incident Response for IT Managers
No ratings yet
Incident Response for IT Managers
34 pages
Incident Investigation Report
No ratings yet
Incident Investigation Report
2 pages
Cyber Incident Response
100% (1)
Cyber Incident Response
10 pages
IRTD Unit - 2
No ratings yet
IRTD Unit - 2
30 pages
Sound The Alarm - Detection and Response
No ratings yet
Sound The Alarm - Detection and Response
34 pages
Security Incident Response Plan HL
100% (1)
Security Incident Response Plan HL
6 pages
Network Incident Response Plan
No ratings yet
Network Incident Response Plan
5 pages
IRM LabArtefacts 2023
No ratings yet
IRM LabArtefacts 2023
11 pages
Workplace Injury Investigation Report
No ratings yet
Workplace Injury Investigation Report
2 pages
SSCP Book Chapter03 (Incident Response and Recovery) Notes
No ratings yet
SSCP Book Chapter03 (Incident Response and Recovery) Notes
22 pages
Running Head: Incident Response Plan Responsibility Chart1
No ratings yet
Running Head: Incident Response Plan Responsibility Chart1
7 pages
Security Operations Analysis r8pndl
100% (1)
Security Operations Analysis r8pndl
79 pages
RPSG-IMS-HS-F - 01 - Hazard Observation Card
100% (1)
RPSG-IMS-HS-F - 01 - Hazard Observation Card
2 pages
Works Inside The Underground Tanks
No ratings yet
Works Inside The Underground Tanks
1 page
Cybersecurity Incident Management
No ratings yet
Cybersecurity Incident Management
12 pages
Incident ResponseWA
No ratings yet
Incident ResponseWA
9 pages
Chapter 6 Incident Managment Business Continutiy and Disaster Recovery
No ratings yet
Chapter 6 Incident Managment Business Continutiy and Disaster Recovery
109 pages
Incident Response in Cybersecurity: Yasemin AĞIRBAŞ
No ratings yet
Incident Response in Cybersecurity: Yasemin AĞIRBAŞ
7 pages
UNIT-1 Incident Response Process 1.incident Detection and Identification
No ratings yet
UNIT-1 Incident Response Process 1.incident Detection and Identification
12 pages
Incident Report Template
No ratings yet
Incident Report Template
3 pages
Incident Handling & Response Guide
No ratings yet
Incident Handling & Response Guide
20 pages
SN - Sounding The Alarm - Dectection & Response
No ratings yet
SN - Sounding The Alarm - Dectection & Response
9 pages
Automate Response: Did You Know?
No ratings yet
Automate Response: Did You Know?
10 pages
InfoSec Incident Management Guide
No ratings yet
InfoSec Incident Management Guide
7 pages
Presentation 9FUG65QeGYzp0ev2Y83Q
No ratings yet
Presentation 9FUG65QeGYzp0ev2Y83Q
6 pages
Remote-Access Vpns (3.3.2.2) : Telecommuters
No ratings yet
Remote-Access Vpns (3.3.2.2) : Telecommuters
1 page
Core Campus Design
No ratings yet
Core Campus Design
15 pages
Configuration - Linkaggregation, MLT, and SMLT: Nortel Ethernet Routing Switch 8600
No ratings yet
Configuration - Linkaggregation, MLT, and SMLT: Nortel Ethernet Routing Switch 8600
1 page
Sampati
No ratings yet
Sampati
5 pages
Free Directly Variable Cost Powerpoint Template
No ratings yet
Free Directly Variable Cost Powerpoint Template
5 pages
Presentation 9FUG65QeGYzp0ev2Y83Q
No ratings yet
Presentation 9FUG65QeGYzp0ev2Y83Q
4 pages
Solicitor
No ratings yet
Solicitor
3 pages
Presentation 9FUG65QeGYzp0ev2Y83Q
No ratings yet
Presentation 9FUG65QeGYzp0ev2Y83Q
2 pages
Red Team Analyst CRTA
No ratings yet
Red Team Analyst CRTA
9 pages
Task 3: Verify The Ipsec VPN Operation.: Step 1: Display Isakmp Security Associations
No ratings yet
Task 3: Verify The Ipsec VPN Operation.: Step 1: Display Isakmp Security Associations
3 pages
Sensitivity: Internal & Restricted
No ratings yet
Sensitivity: Internal & Restricted
4 pages
About This Guide
No ratings yet
About This Guide
2 pages
Nortel Ethernet Routing Switch 8600
No ratings yet
Nortel Ethernet Routing Switch 8600
4 pages
About This Guide
No ratings yet
About This Guide
2 pages
Linux
No ratings yet
Linux
2 pages
About This Guide
No ratings yet
About This Guide
2 pages
About This Guide
No ratings yet
About This Guide
2 pages
About This Guide
No ratings yet
About This Guide
2 pages
VMware Horizon With F5 BIG-IP vs. Citrix XenDesktop With Citrix NetScaler
No ratings yet
VMware Horizon With F5 BIG-IP vs. Citrix XenDesktop With Citrix NetScaler
34 pages
English vs Indonesian Job Application Letters
No ratings yet
English vs Indonesian Job Application Letters
4 pages
Northern Star
No ratings yet
Northern Star
8 pages
Hack Tools
No ratings yet
Hack Tools
6 pages
Lunch and Learn PPT Template
No ratings yet
Lunch and Learn PPT Template
39 pages
ISACA CISA v2021-04-23 q299
100% (1)
ISACA CISA v2021-04-23 q299
73 pages
Log File
No ratings yet
Log File
1 page
Wgot
No ratings yet
Wgot
2 pages
Do's and Dont's For Security Personnel
33% (3)
Do's and Dont's For Security Personnel
2 pages
Byzantine Generals Problem Solutions
100% (1)
Byzantine Generals Problem Solutions
38 pages
RFID Electronic Asset Tracking
No ratings yet
RFID Electronic Asset Tracking
17 pages
Electronic Transaction Act 2063: NITC/Ministry of Environment, Science and Technology)
No ratings yet
Electronic Transaction Act 2063: NITC/Ministry of Environment, Science and Technology)
29 pages
FA21Q en
No ratings yet
FA21Q en
12 pages
Appendix To MA: DC: Agent Work at Home Agreement For Telia
No ratings yet
Appendix To MA: DC: Agent Work at Home Agreement For Telia
2 pages
ILSD FR 001 Rev 007 CHR Clearance Application Form 1
No ratings yet
ILSD FR 001 Rev 007 CHR Clearance Application Form 1
2 pages
Datesheet For Vocational Courses 20230120t103748853z
No ratings yet
Datesheet For Vocational Courses 20230120t103748853z
3 pages
Web Portal Proposal for Clients
No ratings yet
Web Portal Proposal for Clients
6 pages
UD20195B B - Baseline - Multi Lingual - Video Intercom 6 Series Villa Door Station - QSG - V2.2.3
No ratings yet
UD20195B B - Baseline - Multi Lingual - Video Intercom 6 Series Villa Door Station - QSG - V2.2.3
4 pages
SABicorp IPS Ev1
No ratings yet
SABicorp IPS Ev1
40 pages
Document For Smart Routing Management
No ratings yet
Document For Smart Routing Management
2 pages
WF007008 (Slides) WF - HLR Subscriber Management - 20070815-B-1.0
No ratings yet
WF007008 (Slides) WF - HLR Subscriber Management - 20070815-B-1.0
46 pages
Wells Fargo Password Sharing
0% (1)
Wells Fargo Password Sharing
3 pages
SAP ERP Guide: Modules & Solutions
100% (5)
SAP ERP Guide: Modules & Solutions
60 pages
SAFETY HEALTH SECURITY AND ETHICS Notes
No ratings yet
SAFETY HEALTH SECURITY AND ETHICS Notes
22 pages
Service Manual SDS1000CML Service Manual
No ratings yet
Service Manual SDS1000CML Service Manual
61 pages
DP Closing Form
No ratings yet
DP Closing Form
1 page
Unit 5 - Situational Report (SITREP) Alert Writing
No ratings yet
Unit 5 - Situational Report (SITREP) Alert Writing
13 pages
Development of A Vision - Based Anti-Drone Identification Friend or Foe Model To Recognize Birds and Drones Using Deep Learning
No ratings yet
Development of A Vision - Based Anti-Drone Identification Friend or Foe Model To Recognize Birds and Drones Using Deep Learning
30 pages
CodeMeter Vulnerability Alert
No ratings yet
CodeMeter Vulnerability Alert
2 pages
2.2.1.10 Lab - Create User Accounts
No ratings yet
2.2.1.10 Lab - Create User Accounts
9 pages

Sainik

Uploaded by

Sainik

Uploaded by

Functional unit

Functional Unit Supervisor's Actions

Contain, isolate and

Create status Security Unit

report to security support and

Incident with previously

109 Security Incident Response Flow Diagram

Incident Response Team

CIO and CISO invoke

109 Security Incident Response Flow Diagram

You might also like