IS416: Week 5 Assignment 1: Windows Incident Handling Tools

Learning Objectives and Outcomes

You will learn about Windows incident handling tools and the ways to use them to manage a security incident.

Assignment Requirements

Responding to incidents in an efficient and repeatable manner depends on having the right tools in place before incidents occur. While there are many types of tools and utilities available for different purposes, some tools support incident handling tasks well. As a security administrator for Ken 7 Windows Limited, you have been given the task of evaluating various software tools for computer security incident response team (CSIRT) use. You should recommend at least one tool for each of the main CSIRT categories of functional needs. You can select from the list of functional needs given below. For each software tool you should select the functional need, or multiple needs, it best meets. In the Tool Summary Chart below, there is a short description of each tool taken from the tool’s Web site.

Step 1: Identify the functional need each tool fulfills. Explain the reasons for your choice.

Step 2: Which of the tools listed would you recommend for Ken 7 Windows Limited CSIRT? Why?

Select from these CSIRT functional needs:

a. Tracking incidents
b. Reporting on incidents
c. Archiving incidents
d. Communicating incident information
e. Managing an incident’s tasks and activities

Software tools (note which CSIRT functional needs each product meets and why):

1. Archer Incident Management
2. D3 Incident Reporting and Case Management
3. Application for Incident Response Teams (AIRT)
4. Request Tracker for Incident Response (RTIR)
5. BMC Remedy Action Request System

Tool Summary Chart

Archer Incident Management: Archer Incident Management centralizes and streamlines the

