QS0034-02: Incident Response Plan

Question 1

QS0034-01: Incident Response Plan

Which role is responsible for determining the nature and scope of the incident?

Answer 1

The Information Security Officer

Question 2

QS0034-01: Incident Response Plan

Which role is a central point of contact for all computer incidents?

Answer 2

DevOps

Question 3

QS0034-01: Incident Response Plan

What are the responsibilities of Application Engineers?

Answer 3

1. Contacts DevOps with any information relating to a suspected breach
2. Collects pertinent information regarding the incident at the request of the ISO

Question 4

QS0034-01: Incident Response Plan

What are examples of incidents requiring the Incident Team activation?

Answer 4

1. Breach of sensitive data, especially Personal Information
2. Attacks that impact services or may lead to information that can lead to a breach. For example:
3. Denial of Service / Distributed Denial of Service
4. Excessive Port Scans
5. Firewall Breach
6. Virus / Malware Outbreak
7. Disasters that result in potential loss of information

Question 5

QS0034-01: Incident Response Plan

What is meant by a Security Breach?

Answer 5

A security breach is the unauthorized acquisition of data that compromises the security, confidentiality, or integrity of data maintained by LabLynx.

Question 6

QS0034-01: Incident Response Plan

How is the impacted entity notified?

Answer 6

Written, or Email notices. At minimum, client facing helpdesk tickets accomplish this.