Federal Government Cybersecurity Incident and Vulnerability Response Playbooks 英文版TLP:WHITE m o c . 5 b u h t i g Cybersecurity Incident & Vulnerability Response Playbooks Operational Procedures for Planning and Conducting Cybersecurity Incident and Vulnerability Response Activities in FCEB Information Systems Publication: November 2021 Cybersecurity and Infrastructure Security Agency DISCLAIMER: This document is marked TLP:WHITE. Disclosure is not limited. Sources may use TLP:WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction. For more information on the Traffic Light Protocol, see https://www.cisa.gov/tlp/. TLP:WHITE TLP:WHITE CONTENTS Introduction ............................................................................................................................................ 3 Overview ............................................................................................................................................ 3 Scope ................................................................................................................................................. 3 Audience ............................................................................................................................................ 4 Incident Response Playbook .................................................................................................................. 5 Incident Response Process ................................................................................................................ 5 Preparation Phase.............................................................................................................................. 6 Detection & Analysis ........................................................................................................................ 10 Containment ..................................................................................................................................... 14 m o Eradication & Recovery .................................................................................................................... 15 Post-Incident Activities ..................................................................................................................... 16 c . 5 Coordination ..................................................................................................................................... 17 Vulnerability Response Playbook ......................................................................................................... 21 Preparation....................................................................................................................................... 21 b u Vulnerability Response Process ....................................................................................................... 22 Identification ..................................................................................................................................... 22 h t i g Evaluation ........................................................................................................................................ 23 Remediation ..................................................................................................................................... 24 Reporting and Notification ................................................................................................................ 24 Appendix A: Key Terms ....................................................................................................................... 25 Appendix B: Incident Response Checklist ............................................................................................ 27 Appendix C: Incident Response Preparation Checklist ........................................................................ 35 Appendix E: Vulnerability and Incident Categories ............................................................................... 38 Appendix F: Source Text...................................................................................................................... 39 Appendix G: Whole-of-Government Roles and Responsibilities ........................................................... 41 TLP:WHITE CISA | Cybersecurity and Infrastructure Security Agency 2 TLP:WHITE INTRODUCTIO
Federal Government Cybersecurity Incident and Vulnerability Response Playbooks 英文版
安全文档 >
安全培训 >
>
文档预览
43 页
1 下载
34 浏览
0 评论
0 收藏
3.0分
温馨提示:当前文档最多只能预览 7 页,若文档总页数超出了 7 页,请下载原文档以浏览全部内容。
本文档由 路人甲 于 2022-07-02 11:14:55上传分享