Canada Incident Response Plan to A Cyber Security Attack Paper
Develop an eight- to 10-page Incident Response Plan to use in the event of a cyber incident. Use APA format.
Step 8: Define Incident Response, Part 1
It’s time to begin work on the next phase of the final analysis of the intrusion, which will include
an incident response plan. Such a plan provides a method for containing the impact from a
cybersecurity incident. It includes a plan for file recovery and remediation from an incident. All
the actions will start from the security baseline analysis, which has been defined for all the
nations’ network topologies at the summit, using a network security baseline analyzer.
Your nation team will work together to develop an eight- to 10-page Incident Response Plan to
use in the event of a cyber incident. This is one of your three final deliverables, which you will
submit for feedback as a group, and then for individual assessment at the end of the project.
Begin your first half of the plan by focusing on the environmental conditions and coordination
mechanisms. Include:
1. roles and responsibilities
2. phases of incident response
3. scenario: provide an incident response plan in the case of distributed denial-of-service
(DDoS) attacks, specifically the case of loss of communications
4. activities, authorities pertaining to roles and responsibilities
5. triggering conditions for actions
6. triggering conditions for closure
7. reports and products throughout the incident response activity
8. tools, techniques, and technologies
9. communications paths and parties involved
10. coordination paths and parties involved
11. external partners and stakeholders, and their place in the coordination and
communication paths
12. security controls and tracking
13. recovery objectives and priorities
Your team will continue working on the incident response plan in the next step. You will
consider the processes of an active response.
Step 9: Define Incident Response, Part 2
Your team in this step will continue developing the Incident Response Plan. The second half of
your report will focus on events and processes of your active response plan. Include the
following:
14. incident response checklist. Refer to the NIST Computer Security Incident Handling
Guide for an example.
15. data protection mechanisms
16. integrity controls (system integrity checks) after recovery
17. a plan to investigate the network behavior and a threat bulletin that explains this activity
18. defined triggering mechanisms for continuing alerts and notifications throughout the
cyber incident
19. additional aspects of the incident response plan necessary to contain a cyber incident on
the international domain
20. diagrams of swim lanes of authorities, activities and process flows, coordination and
communication paths. Review the Swim Lane Template to familiarize yourself with the
concept of swim lanes and swim lane diagrams.
You will complete your incident response plan in the next step. Your incident response plan is
critical in outlining your activities during a cyberattack as well as providing direction for
recovery.
Step 10: Execute Incident Response
The intrusion activity apparently is not over yet. The CIOs of the nations are still detecting high-volume traffic on their networks. Almost as soon as there is a surge in activity, network functions
and websites immediately become nonoperational. Communications are also affected between
the nation teams.
The CIOs have provided information on the anomalous activity. Enter Workspace to obtain the
lab materials describing the network traffic activity.
After obtaining and reviewing the lab materials, collaborate with your nation team to decide the
next course of action as determined by the eight- to 10-page Incident Response Plan you’ve
been developing. Include an analysis of the lab materials, describing your findings. Provide this
information with your Incident Response Plan, which is one of three final deliverables in this
project.
Once your team has completed the response plan, a designated team member should submit it for
review and feedback. The Incident Response Plan is one of your three final deliverables, which
you will submit for feedback as a group, then for individual assessment at the end of the project.