CSIRT – Computer Security Incident Response Team
CSIRT – “One particular organizational entity that may be established to help coordinate and manage the incident management process in an organization is a computer security incident response team” (us-cert.gov)
The team’s mission is to minimize damage and recover quickly. Responsibility: collects and analyzes all evidence, determines root cause, directs the other security analysts, and implements rapid system and service recovery.
CSIRT incident handling activities include:
• determining the impact, scope, and nature of the event or incident
• understanding the technical cause of the event or incident
• identifying what else may have happened or other potential threats resulting from the event or incident
• researching and recommending solutions and workarounds
• coordinating and supporting the implementation of the response strategies with other parts of the enterprise or constituency, including IT groups and specialists, physical security groups, information security officers (ISOs), business managers, executive managers, public relations, human resources, and legal counsel
• disseminating information on current risks, threats, attacks, exploits, and corresponding mitigation strategies through alerts, advisories, Web pages, and other technical publications
• coordinating and collaborating with external parties such as vendors, ISPs, other security groups and CSIRTs, and law enforcement
• maintaining a repository of incident and vulnerability data and activity related to the constituency that can be used for correlation, trending, and developing lessons learned to improve the security posture and incident management processes of an organization
For your assignment, you work in the information security department of a hospital. You are responsible for all CERTs that are reported at the national level that impact the hospital’s systems/infrastructure.
You will be responding to the vulnerability listed below:
https://www.kb.cert.org/vuls/id/119704/
Microsoft Windows Task Scheduler SetJobFileSecurityByName privilege escalation vulnerability
Following the guidelines in the syllabus, document who, what, and how the CSIRT will respond to this CERT. You can approach this as a bullet point format with steps/roles or in research paper form all in APA format. I want to be able to see that you understand the different facets of incident response.
Main focus: Understand the CSIRT process and be able to coordinate and respond to a CERT.
• Short paper on topic (4-5 pgs)*