CIS 359 Week 5 Discussion
1. Containment and IR Strategies" Please respond to the following:
· Explain why it is important for a business to have a specific plan of action, processes, and / or a set of guidelines to manage potential security incidents that may arise. Support your answer with a real-life example. Be sure to clearly identify the business as well as the potential security incident in your example.
· Discuss the role of incident containment in an incident response strategy and how a lack of planning for containment is a potential pitfall for any response strategy.
2. "SIEM and Incident Response" Please respond to the following:
· From the e-Activity, explain in your own words the purpose of security information and event management (SIEM) solutions and how this category of tools can assist an incident response team. Also determine whether or not you believe the “golden hour” is a realistic and attainable response goal. Justify your answer.