CSIA PROJECT 1
5/16/22, 4:29 PM Project #1 Incident Response Report - Part A: Incident Response Form - CSIA 310 6380 Cybersecurity Processes and Technologi…
https://learn.umgc.edu/d2l/lms/dropbox/user/folder_submit_files.d2l?db=1268792&grpid=0&isprv=0&bp=0&ou=686478 1/7
Project #1: Part A Incident Response Form Course: CSIA 310 6380 Cybersecurity Processes and Technologies (2225)
Criteria Excellent Outstanding Acceptable Needs Improvemen t
Needs Significant Improvemen t
Missing or Unacceptabl e
Criterion Score
Section 1:
Contact
Informatio
n
/ 1010 points
Provided an
acceptable
title page for
the file.
Provided a
complete
section 1 of
the Incident
Report Form
that included
realistic but
fictionalized
data for all of
the following
fields:
Nam
e
Role
Orga
nizati
onal
Unit
and
affilia
tion
addr
ess
Phon
e
8.5 points
Provided an
acceptable
title page for
the file.
Provided a
complete
section 1 of
the Incident
Report Form
that included
realistic but
fictionalized
data for at
least four of
the following
fields:
Nam
e
Role
Orga
nizati
onal
Unit
and
affilia
tion
addr
ess
7 points
Provided an
acceptable
title page for
the file.
Provided a
complete
section 1 of
the Incident
Report Form
that included
realistic but
fictionalized
data for at
least three of
the following
fields:
Nam
e
Role
Orga
nizati
onal
Unit
and
affilia
tion
addr
ess
6 points
Provided an
acceptable
title page for
the file.
Provided
information
in at least 3
of the
following
fields:
Nam
e
Role
Orga
nizati
onal
Unit
and
affilia
tion
addr
ess
Phon
e
Num
ber
locati
on
4 points
Provided a
title page
and section
1. The fields
were
sparsely
completed.
0 points
Required
content was
missing.
5/16/22, 4:29 PM Project #1 Incident Response Report - Part A: Incident Response Form - CSIA 310 6380 Cybersecurity Processes and Technologi…
https://learn.umgc.edu/d2l/lms/dropbox/user/folder_submit_files.d2l?db=1268792&grpid=0&isprv=0&bp=0&ou=686478 2/7
Criteria Excellent Outstanding Acceptable Needs Improvemen t
Needs Significant Improvemen t
Missing or Unacceptabl e
Criterion Score
Section 2:
Incident
Details
/ 25
Section 3:
Cause of
the
Incident
/ 25
Num
ber
locati
on Phon
e
Num
ber
locati
on
Phon
e
Num
ber
locati
on
25 points
Provided an
excellent
report of the
incident
details as
required by
the NIST
template.
Responses
for all items
were clear,
concise, and
reflected the
analysis of
the Blue
Team with
additional
contributions
by this
student.
22.5 points
Provided an
outstanding
report of the
incident
details as
required by
the NIST
template.
Responses
for all items
were clear
and reflected
the analysis
efforts of the
Blue Team
with
additional
contributions
by this
student.
21 points
Provided an
acceptable
report of the
incident
details as
required by
the NIST
template.
Responses
for most
items were
clear and
reflected
some of the
analysis
efforts of the
Blue Team
with
additional
contributions
by this
student.
15 points
Provided a
report of the
incident
details as
using the
fields listed
in the NIST
template.
Responses
reflected
some of the
analysis
efforts of the
Blue Team
with a few
additional
contributions
by this
student.
10 points
Attempted to
complete
Section 2 of
the incident
report form
but the
information
was seriously
lacking (a)
details
and/or (b)
originality
(copied
rather than
paraphrased)
.
0 points
No work
submitted
for this
section.
25 points
Provided an
excellent
report of the
22.5 points
Provided an
outstanding
report of the
21 points
Provided an
acceptable
analysis and
15 points
Provided an
analysis of
the incident
10 points
Attempted to
complete
Section 3 of
0 points
No work
submitted
5/16/22, 4:29 PM Project #1 Incident Response Report - Part A: Incident Response Form - CSIA 310 6380 Cybersecurity Processes and Technologi…
https://learn.umgc.edu/d2l/lms/dropbox/user/folder_submit_files.d2l?db=1268792&grpid=0&isprv=0&bp=0&ou=686478 3/7
Criteria Excellent Outstanding Acceptable Needs Improvemen t
Needs Significant Improvemen t
Missing or Unacceptabl e
Criterion Score
incident
causes using
information
reported by
the Red
Team (from
the
assignment)
and
additional
analysis
performed
by the Blue
Team and
this student.
Appropriatel
y used
information
from the
Sifers-
Grayson
Overview
and
Enterprise
Architecture
diagrams.
Reporting of
the analysis
was clear,
concise, and
reflected the
analysis of
the Blue
Team with
additional
contributions
incident
causes using
information
reported by
the Red
Team (from
the
assignment)
and
additional
analysis
performed
by the Blue
Team and
this student.
Appropriatel
y used
information
from the
Sifers-
Grayson
Overview
and
Enterprise
Architecture
diagrams.
Reporting of
the analysis
was clear
and reflected
the analysis
of the Blue
Team with
additional
contributions
by this
student.
written
report of the
incident
causes using
information
reported by
the Red
Team (from
the
assignment)
and
additional
analysis
performed
by the Blue
Team and
this student.
Appropriatel
y used
information
from the
Sifers-
Grayson
Overview
and
Enterprise
Architecture
diagrams.
Reporting of
the analysis
included
information
from the
Blue Team
with
additional
contributions
causes using
some
information
from the Red
Team and
Blue Team
with a few
additional
contributions
by this
student.
the incident
report form
but the
information
was seriously
lacking (a)
details
and/or (b)
originality
(copied
rather than
paraphrased)
.
for this
section.
5/16/22, 4:29 PM Project #1 Incident Response Report - Part A: Incident Response Form - CSIA 310 6380 Cybersecurity Processes and Technologi…
https://learn.umgc.edu/d2l/lms/dropbox/user/folder_submit_files.d2l?db=1268792&grpid=0&isprv=0&bp=0&ou=686478 4/7
Criteria Excellent Outstanding Acceptable Needs Improvemen t
Needs Significant Improvemen t
Missing or Unacceptabl e
Criterion Score
Sections 4
& 5: Cost
and
Impact
/ 10
Section 6:
General
Comments
/ 10
by this
student.
by this
student.
10 points
Provided
an
excellent
analysis of
the
potential
costs and
impacts of
the
incident as
reported
by the Red
Team.
Analysis
was clear
and
concise.
Included
informatio
n from the
Blue Team
and
supplemen
ted it with
additional
analysis by
this
student.
8.5 points
Provided
an
outstandin
g analysis
of the
potential
costs and
impacts of
the
incident as
reported
by the Red
Team.
Analysis
was clear
and
included
informatio
n from the
Blue Team
and
supplemen
ted it with
additional
analysis by
this
student.
7 points
Provided
an
acceptable
analysis of
the
potential
costs and
impacts of
the
incident as
reported
by the Red
Team.
Analysis
included
some
informatio
n from the
Blue Team
and limited
additional
analysis by
this
student.
6 points
Attempted
to provide
an analysis
of the
potential
costs and
impacts of
the
incident.
4 points
Addressed
the
potential
impacts of
the
incident
but the
analysis
was
significantl
y lacking in
(a) details
and/or (b)
originality
(excessive
copying
with no
paraphrasi
ng).
0 points
No work
submitted.
10 points 8.5 points 7 points 6 points 4 points 0 points
5/16/22, 4:29 PM Project #1 Incident Response Report - Part A: Incident Response Form - CSIA 310 6380 Cybersecurity Processes and Technologi…
https://learn.umgc.edu/d2l/lms/dropbox/user/folder_submit_files.d2l?db=1268792&grpid=0&isprv=0&bp=0&ou=686478 5/7
Criteria Excellent Outstanding Acceptable Needs Improvemen t
Needs Significant Improvemen t
Missing or Unacceptabl e
Criterion Score
Provided
an
excellent
discussion
of the
contract
requiremen
ts and
derivative
requiremen
ts for
cybersecur
ity at
Sifers-
Grayson
(clear,
concise,
accurate).
Included
informatio
n from the
Blue Team
and
supplemen
ted it with
additional
analysis by
this
student.
Included
additional
informatio
n as
necessary
to provide
explanatio
Provided
an
outstandin
g
discussion
of the
contract
requiremen
ts and
derivative
requiremen
ts for
cybersecur
ity at
Sifers-
Grayson
(clear and
accurate).
Included
informatio
n from the
Blue Team
and
supplemen
ted it with
additional
analysis by
this
student.
Included
additional
informatio
n as
necessary
to provide
explanatio
Provided
an
acceptable
discussion
of the
contract
requiremen
ts and
derivative
requiremen
ts for
cybersecur
ity at
Sifers-
Grayson.
Included
informatio
n from the
Blue Team
and
supplemen
ted it with
additional
analysis by
this
student.
Discussed
some of
the
contract
requiremen
ts and/or
derivative
requiremen
ts for
cybersecur
ity at
Sifers-
Grayson.
Included
informatio
n from the
Blue Team
and
supplemen
ted it with
additional
analysis by
this
student.
Important
points
were
missing or
were not
adequately
covered.
Attempted
to
complete
Section 6
of the
incident
report
form but
the
informatio
n was
seriously
lacking (a)
details
and/or (b)
originality
(copied
rather than
paraphrase
d).
Missing or
no work
submitted.
5/16/22, 4:29 PM Project #1 Incident Response Report - Part A: Incident Response Form - CSIA 310 6380 Cybersecurity Processes and Technologi…
https://learn.umgc.edu/d2l/lms/dropbox/user/folder_submit_files.d2l?db=1268792&grpid=0&isprv=0&bp=0&ou=686478 6/7
Criteria Excellent Outstanding Acceptable Needs Improvemen t
Needs Significant Improvemen t
Missing or Unacceptabl e
Criterion Score
Profession
alism:
Execution
/ 20
ns and
improve
overall
clarity for
the
incident
response
report.
ns and
improve
overall
clarity for
the
incident
response
report.
20 points
Work is
profession
al in
appearanc
e and
organizatio
n
(appropriat
e and
consistent
use of
fonts,
headings,
color).
No word
usage,
grammar,
spelling, or
punctuation
errors. All
quotations
(copied text)
are properly
marked and
cited using a
18 points
Work is
profession
al in
appearanc
e and
organizatio
n
(appropriat
e and
consistent
use of
fonts,
headings,
color).
Work
contains
minor errors
in word
usage,
grammar,
spelling or
punctuation
which do not
significantly
impact
16 points
Work is
profession
al in
appearanc
e and
organizatio
n (minor
issues
allowable
but overall
the work
contains
appropriat
e and
consistent
use of
fonts,
headings,
color).
Errors in
word usage,
spelling,
grammar, or
punctuation
which
14 points
Submitted
work has
numerous
errors in
formatting,
organization,
word usage,
spelling,
grammar, or
punctuation
which
detract from
readability
and
professional
appearance.
Punctuation
errors may
include
failure to
properly
mark quoted
or copied
material (an
attempt to
name
10 points
Submitted
work is
difficult to
read /
understand
and has
significant
errors in
formatting,
appearance /
organization,
spelling,
grammar,
punctuation,
or word
usage.
Significant
errors in
presentation
of copied
text (lacks
proper
punctuation
and failed to
attribute
material to
0 points
No work
submitted
for this
assignment.
5/16/22, 4:29 PM Project #1 Incident Response Report - Part A: Incident Response Form - CSIA 310 6380 Cybersecurity Processes and Technologi…
https://learn.umgc.edu/d2l/lms/dropbox/user/folder_submit_files.d2l?db=1268792&grpid=0&isprv=0&bp=0&ou=686478 7/7
Total / 100
Overall Score
Criteria Excellent Outstanding Acceptable Needs Improvemen t
Needs Significant Improvemen t
Missing or Unacceptabl e
Criterion Score
professional
format. (APA
format
recommende
d but not
required.)
professional
appearance.
All
quotations
(copied text)
are properly
marked and
cited using a
professional
format. (APA
format
recommende
d but not
required.)
detract from
professional
appearance
of the
submitted
work. All
quotations
(copied text)
are properly
marked and
cited using a
professional
format. (APA
format
recommende
d but not
required.)
original
source is
required).
original
source).
Do Not Use This Block 0 points minimum