Which of the following is NOT an element of the NIST.SP800-61 r2 incident response plan?

Last Updated on August 1, 2021 by Admin 2

Which of the following is NOT an element of the NIST.SP800-61 r2 incident response plan?

  • organizational mission
  • organizational approach
  • siloed approach to communication
  • strategies and goals
Explanation:
Rather than a siloed approach, the incident response approach should encourage and specify communication between the team and the organization and other organizations. In a siloed approach, the team has little communication with the organization and other organizations during the response.

NIST SP 800-61 v2 is the Computer Security Incident Handling Guide. According to this publication, the four major phases of the incident response lifecycle are:

1. Preparation
2. Detection and analysis
3. Containment, eradication, and recovery
4. Post incident analysis

The NIST’s incident response plan elements are:

– Incident response plan’s mission
– Strategies and goals of the incident response plan
– Senior management approval of the incident response plan
– Organizational approach to incident response
– How the incident response team will communicate with the rest of the organization and with other organizations
– Metrics for measuring the incident response capability and its effectiveness
– Roadmap for maturing the incident response capability
– How the program fits into the overall organization

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments