Describe the goals of the given CSIRT Implementing Cisco Cybersecurity Operations (210-255) A Computer Security Incident Response Team (CSIRT) can come in several different forms. Internal CSIRT – an Internal CSIRT is established by an organization to handle incident response for their own organization. National CSIRT – National CSIRTs provide services for a nation and […]

Read More »

Map the organization stakeholders against the NIST IR categories (C2M2, NIST.SP800-61 r2) Implementing Cisco Cybersecurity Operations (210-255) The best I could find for this topic were the stakeholders defined by the Cybersecurity Capability Maturity Model (C2M2) documentation as listed below. Decision makers (executives) who control the allocation of resources and the management of risk in […]

Read More »

Map elements to these steps of analysis based on the NIST.SP800-61 r2 Implementing Cisco Cybersecurity Operations (210-255) NIST.SP800-61 r2 defines an Incident Response Life Cycle as shown above. For the SECOPS test, it is necessary to know some of the common elements of the steps in the Incident Response Life Cycle. Preparation Gather Useful Information […]

Read More »

Describe the elements that should be included in an incident response plan as stated in NIST.SP800-61 r2 Implementing Cisco Cybersecurity Operations (210-255) NIST’s SP 800-61 was developed to help organizations formulate incident response plans. It can be found here. Each organization’s incident response plan will be different. There are some key elements that occur in […]

Read More »