Need attached documents to be turned into 1 complete document. Overview Most or

Need attached documents to be turned into 1 complete document.
Overview
Most organizations have incident response plans to assist with decision making during times of crisis. “When an incident occurs” is not the right time to focus on preventative measures or high-level strategic planning. The security practitioner needs to quickly assess, act, and improvise to stop adversaries that are already inside their organization’s network. Limiting damage and regaining operational control of the computing environment are key goals.
Above all, the plans and artifacts associated with incident response serve as a bridge from analysis to action. Good understanding of adversary tradecraft, reasonable predictions about likely avenues of attack, and clear, concise tactical response procedures help practitioners limit the negative impacts of cyberattacks. To seize the initiative, incident responders must limit their adversary’s mobility, disrupt their patterns of attack, and work to restore critical
services so that an organizations can continue to function. A practitioner must take a balanced, structured approach to developing both operational and tactical incident detection and response capabilities.
Assess how legislation, policies, and regulations shape incident detection and response practices
Employ incident detection and response tools and techniques necessary for successfully detecting, managing, and resolving incidents
Develop security countermeasures that reduce the negative impacts of incidents on organizational systems, operations, and personnel
Communicate the results of incident response activities to technical and nontechnical audiences for enhancing the security posture of an organization
Scenario
Review the full Final Project Scenario for this project. You have been tasked with providing an executive summary and plan (see below) to address the situation in the scenario.
Prompt
Your executive summary and plan must be submitted together and include the following critical elements. Most of the critical elements align with a particular course outcome (shown in brackets).
Executive Summary: Executives often rely on the executive summary of long or technical reports to give them the information they need. Your executive summary will contain an overview and a brief section on the legal, regulatory, and policy compliance issues that are of specific interest to the stakeholders.
Overview: The purpose of this summary is to highlight the main points of the report, and any findings or recommendations. Logically, you will write the overview portion of this report last. However, your final artifact will position this piece first for the audience.
Describe how the overall plan will enhance the security posture of the organization, using consumable language (i.e., no overly technical jargon or slang terms).
Discuss key takeaways (response procedures) based on the scenario, using consumable language.
Articulate how your team plans to operationalize this approach for better response to the executive stakeholders.
Legal, Regulatory, and Policy Compliance: In this section, you will discuss considerations related to the legal, regulatory, and policy compliance issues identified in the scenario. Consider some of the topics and issues you engaged with in Module One as you address this portion of your final project.
Explain how the legal and regulatory issues influence the organization’s approach to detection. Provide examples based on the scenario.
Explain how the legal and regulatory issues identified in the scenario influence the organization’s approach to response. Provide examples based on the scenario.
Explain your method for resolving gaps in resources or the processes that are necessary to address legal, regulatory, and policy compliance issues. Provide examples. For example, what specific policies are currently in place to address these elements, based on what you were provided for this project and your activities during the course?
Operational Plan and Analysis: The purpose of this section is for you to put together a plan that your team can operationalize if an incident such as the one in the scenario should occur again.
Incident Response Process With Key Roles and Responsibilities Assignments: You were provided with a diagram and table in the Milestone One document to use as the basis of this part of your project. If the table provided is too cumbersome, you may make your own. However, your completed table must contain and build on the provided information, addressing the steps within the full flow of a potential attack, as well as the key roles and responsibilities necessary for detecting and responding to the provided incident types.
Identify a logical sequence of steps stakeholders should take for addressing the scenario. For example, who should do what within the process?
Articulate the rationale behind the assignment of the roles and responsibilities for these steps. Ensure you address implementation concerns in your rationale.
Courses of Action Table: You were provided with a Courses of Action table template to use as the basis of this part of your project. Your completed courses of action table must address the full flow of a potential attack, specifically the one in your provided scenario.
Attack Methods and Features: Describe logical steps to model a potential attack from start to finish.
Detection Location and Methods: Describe potential detection location and methods for different steps in an attack pattern.
Response Objective: Identify the effects you want to achieve in countering the attack and how you want to achieve them.
Response Method: Identify response methods that are logical and feasible in addressing the nature of the attack.
Countermeasures Analysis: You have been exposed to several attack types and created your courses of action table. This section of your plan will contain a brief narrative around your thinking in creating that table and how your security countermeasures will address the nature of those attacks.
Explain how your security countermeasures will reduce the negative impacts from the attack methods on organizational systems.
Explain how your security countermeasures will reduce the negative impacts from the attack methods on organizational operations.
Explain how your security countermeasures will reduce the negative impacts from these types of attacks on your personnel (roles and resources).
Milestones
Milestone One: Incident Response Process Diagram With Key Roles and Responsibilities Annotations
In Module Three, you will submit section II.A (incident response process with key roles and responsibilities assignments) of the final project. This milestone will be graded with the Milestone One Rubric.
Milestone Two: Courses of Action Table
In Module Six, you will submit section II.B of the final project: the courses of action table. This milestone will be graded with the Milestone Two Rubric.
Milestone Three: Countermeasures Analysis
In Module Seven, you will submit section II.C of the final project: the countermeasures analysis. This milestone will be graded with the Milestone Three Rubric.
Final Submission: Executive Summary and Plan
In Module Nine, you will submit your final project. It should be a complete, polished artifact containing all of the critical elements of the final product. It should reflect the incorporation of feedback gained throughout the course. This submission will be graded with the Final Project Rubric.
Your submission should be approximately 3 pages in length, not including the completed templates (plus a cover page and references), and should be written in APA format. Use double spacing, 12-point Times New Roman font, and one-inch margins. Include at least three references, which should be cited according to APA style.