Issc362 Discussion Response 3Question Description Need to respond to two student discussions with at least 150 words minimum for each response. Below in the bold are the questions the students are responding to.For this weeks post please utilize the items described in the lesson/resources or research conducted on the web to ensure your post contains the following;Consider the phases of incident response listed below. They follow a certain order, but which one(s) do you consider to be the most crucial to the process and why?Incident IdentificationTriageContainmentInvestigationAnalysis and TrackingRecovery and RepairDebriefing and feedback
Student one:Each of the seven phases of incident response has its own purpose and meaning, but arguably, each one also has its own specific value. Their order reflects the logical process by which an incident would be handled, that is to say, you cant perform an investigation prior to identifying the incident, and just the same, you cant recover and repair until you performed an investigation; not really at least.That said, recovery and repair, from an individual business perspective, is probably the most important. For the vast majority of businesses, having a positive revenue is one of the top, if not the top goals. There will of course be other goals such as innovation and consumer awareness and whatnot, but a business cant stay afloat if its always in the red, and investors typically dont want to put their money into a business thats just going to lose it.From an IT or global, if you will, standpoint, I’d say the debriefing and feedback is the most important step. Why? Because everyone wants to know, what happened, how it happened, and how to stop it. For example, zero-day exploits are considered extremely valuable/dangerous. If a software developer never gets feedback on a zero-day exploit so that they can patch their software and defend against it, how can they then defend against it? How will any one of the 10s, 100s, or 1000s, of businesses using that software be able to stop it? Could it be found by someone else? Absolutely, but there is no telling the amount of time in between, and how many times this exploit could be used, and on how many systems it could be used on.So, as noted above, I think perspective plays a huge role in how important each step is, or which step is most important. They each have their own place and purpose, but who you are looking in determines how important each one is to you.-Frank
Student two:There is no doubt about the importance and relevance of each of the phases of the incident response process covered in this weeks lesson. Arguably, incident identification is a crucial process of the seven steps undertaken by an incident response team because it is the sequential step needed to conduct the remaining phases of the response framework. While the seven phases are synergistic with each other, it is my opinion that the most crucial phase within the incident response framework is the debriefing and feedback portion of the response effort. It is the foundation in which the incident response phases are built upon and without this crucial phase, there would be a lack of real progress and implementation of new tactics and techniques by incident response personnel. As it is currently stated, the debriefing and feedback phase (similar to an after-action review) looks at obtaining feedback from everyone involved so that you can determine the reasoning behind the outcome of the incident. This is done by determining what went wrong, what was done right, and how to improve based on that information gathered. It is my belief that this process led to how the phases of incident response came to be, by learning from those mistakes and improving upon the current system of things so that each of the other phases is executed in a better way. This is how teams and organizations become better through the implementation of the feedback gained through a formal debriefing process. What is also good about this phase is the sharing of information among collaborative parties to build upon working relations and partnerships that continually lead to an improvement in security infrastructure, be it virtual or physical in nature. While it is true many organizations will attempt to keep security incidents at a need to know level, the critical information gained from the incident can lead to protective measures for other organizations that prevent needless crime.~Lucas
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more