Assessment item 1 Incident Response Plan Value: 30% Due date: 10-Apr-2017 Return date: 04-May-2017 Length: 2500 words Submission method options EASTS (online) Task One of the most important skills of an incident handler is the ability to run through the steps of an incident response plan off the top of their head during an incident. The task is to write a high-level incident response plan outlining the major steps involved in dealing with an incident. The plan should be written as if providing guidance to an incident response team within an organisation. Templates and example Incident Response plans will be available on the Resources section of Interact in Week 1. Rationale This assignment is designed to: • Assess your knowledge of key steps that need to be taken during the course of an incident to manage it in a structured and effective manner. • Assess your ability to write an incident response plan that will be applicable to a wide variety of incident types. • Help you to articulate clear incident handling instructions to a variety of stakeholders within a typical organisation. • Assess your knowledge and understanding of common attack stages and intrusion methods. • Enhance your skills in constructing documents to a standard that would be acceptable within a professional organisation. Marking criteria Criteria Marks Complete list of steps - The submission should have all the steps involved in responding to a computer security incident. /30 Description of each step - Each step should have a complete description of what activities are required in the step. /30 Appropriate level of steps - The plan should be suitable for a broad range of security incidents. /30 Presentation - Grammar & spelling - Report format - Overall presentation /5 Referencing /5 Total /100 HD DI CR PS FL Write a professional incident response plan that captures the steps involved in responding to an incident within an organisation. The plan must include: - All applicable steps (Preparation, Identification, Containment, Eradication, Recovery and Lessons Learned). - The roles and responsibilities during an incident. - Descriptions on how to identify, declare and rate the severity of an incident. - A pictorial representation of the common steps involved. Details of applicable contacts within and outside the organisation. All steps relating to handling an incident are articulated clearly. Commentary for each step is insightful and articulated in a clear and concise manner. The plan is of a standard that demonstrates a high level of professionalism. Details for each step is complete. The pictorial representation aligns precisely with the incident handling steps and provides a simple but informative overview of the incident plan steps. The plan includes a comprehensive list of key contacts with thorough detail to initiative contact through multiple methods. The plan would provide insightful and valuable guidance for an incident handler during an incident. All steps relating to handling an incident are articulated clearly. There is a sufficient amount of commentary for each step and it is articulated in a clear and concise manner. The plan is of a standard that demonstrates a high level of professionalism. There are no significant gaps in the details provided for each step. The pictorial representation aligns heavily with the incident handling steps and provides a simple but informative overview of the incident plan steps. The plan includes a comprehensive list of key contacts with sufficient detail to initiative contact through multiple methods. The plan would provide valuable guidance for an incident handler during an incident. All steps relating to handling an incident are articulated clearly. There is a sufficient amount of commentary for each step. The plan is at a level that is acceptable within a professional environment. There are no significant gaps in the details provided for each step. The pictorial representation aligns with incident handling steps and provides a simple but informative plan overview. The plan includes a list of key contacts with sufficient detail to initiative contact through multiple methods. The plan would be helpful and informative as guidance for an incident handler during an incident. All steps relating to handling an incident are articulated clearly. There is a minimal amount of commentary for each step. The plan is not at a level expected in a professional environment, as there is significant gaps and insufficient detail. The pictorial representation is not well suited for, or does not align with the incident handling steps. The plan could only be used for basic guidance during an incident. The incident response plan has not adequately addressed all the steps relating to handling an incident and does not demonstrate a clear understanding of the assessment criteria. The pictorial representation of incident handling steps is absent or irrelevant. The plan could not be practically used to guide an incident handler during an incident. Selection of a range of material which is relevant to the topic. Integration of material sourced from literature to support the ideas expressed in the essay. Minimum of 8 references 4 of which must be relevant, refereed, journal articles located by the student. Excellent independent identification of an extensive range of literature which is: relevant; current; authoritative; and which includes multiple publication types. Substantially exceeds the minimum number of required references, demonstrating excellent skills in searching for relevant and credible literature. Excellent linkage and integration. Has developed and justified using own ideas based on publications which have been thoroughly analysed, applied and discussed to illustrate and justify the discussion. Good independent identification of an extensive range of literature which is: relevant; current; authoritative; and which includes multiple publication types. Substantially exceeds the minimum number of required references, demonstrating excellent skills in searching for relevant and credible literature. Good linkage and integration. Has developed and justified using own ideas based on publications which have been thoroughly analysed, applied and discussed to illustrate and justify the discussion. Minimum of 8 references including at least 4 refereed journal articles located by the student have been used. Some (but not all) of the literature is not: relevant; current; or authoritative; and may not include multiple publication types. Some evidence of application of readings relevant to the subject. Some attempt to integrate information from publications with own writing. Some content from publications is presented uncritically, in a purely descriptive way and indicates limitations of understanding or a limited ability to compare and link information from several sources. Minimum of 5 references including at least 2 refereed journal articles located by the student have been used. Some of the literature is not: relevant; current; or authoritative; and may not include multiple publication types. Student has attempted to apply or integrate information from publications into own writing. Most content from publications is presented uncritically, in a purely descriptive way and indicates limitations of understanding or a limited ability to compare and link information from some sources. Little of no evidence of attempt to search for and independently identify relevant, current or authoritative literature. Less than 8 overall references have been used. Little or no attempt to compare or link information from several sources. Content from publications is listed without integration with student writing and without identifying similarities or differences. A successful Masters student must write clearly and purposefully in English using vocabulary and language that suits the writing task and addresses their intended audience. Writing demonstrates clarity of intention, purpose, insight, and approach to the topic. Written expression is clear, fluent and well-structured: · Sentences are well structured, with excellent use of vocabulary, and with minimal or no grammatical and punctuation errors. · Paragraphs are structured to present a flow of ideas. · The written piece is well-formatted with minimal or no spelling or proofreading errors. · Language is used to convey a clear meaning to the intended audience. Writing style conveys a clear and meaningful interpretation of the task, based on confidence in knowledge and ability to clearly communicate complex concepts and ideas. Presented in 1.5 line spacing, with wide margins, page numbers and suitable type-size. Writing demonstrates clarity of intention, purpose, and approach to the topic. Written expression is clear, fluent and well-structured: · Sentences are well structured, with good use of vocabulary, and with minimal or no grammatical and punctuation errors. · Paragraphs are structured to present a flow of ideas. · The written piece is well-formatted with minimal or no spelling or proofreading errors. · Language is used to convey a clear meaning to the intended audience. Writing style conveys a clear and meaningful interpretation of the task, based on confidence in knowledge and ability to clearly communicate complex concepts and ideas. Presented in 1.5 line spacing, with wide margins, page numbers and suitable type-size. Written expression is clear, well-structured and understandable: · Sentences are well structured, with good use of vocabulary, and contain few grammatical and punctuation errors. · Paragraphs are well structured and assist in presenting a flow of ideas, despite a small amount of repetition. · Formatting has been considered and contains few spelling or proofreading errors. · The purpose of the writing is identified and explained. The language used has meaning to both themselves and their intended audience. Writing style is well suited to the purpose of the task and the intended audience. Writing conveys the intended meaning and required level of detail of knowledge Some issues with submission or formatting. Written expression is clear, well-structured and understandable: · Sentence structure could use some work, with some grammatical errors present. · Paragraphs are mostly well structured and assist in presenting a flow of ideas, despite some repetition. · The written piece is adequately formatted but contains some spelling or proofreading errors. · The purpose of the writing is identified and explained. Writing style is suited to the purpose of the task and the intended audience. Writing conveys the intended meaning but requires more detail and evidence of knowledge. Some issues with submission or formatting. Writing lacks clarity of expression, structure or purpose: · Sentences are poorly structured, with inappropriate vocabulary and frequent grammatical and punctuation errors. · Paragraphs do not assist in presenting a flow of ideas. · The written piece is poorly formatted with frequent spelling or proofreading errors. · The language used does little to convey meaning Writing style is focused on information without conveying a meaningful interpretation of the topic. Deviates significantly from the required in the submission format Rubric Presentation Use an appropriate report format, with correct grammatical protocols and accurate spelling, punctuation and word count. Feel free to use headings and bullet-lists where you think this is appropriate. APA referencing should be used unless students have made prior arrangements with the subject mentor. Requirements Word count for this assignment is taken seriously. The word count reflects the level of detail you are required to put into your assignment. Students who exceed the word count by more than 10% will be penalised, and students who exceed wordcounts by an excessive amount may not have their assignment marked beyond a certain point to ensure fairness to other students who have completed the assignment within the guidelines given. Administrative sections of your assignment such as headings, table of contents, reference list and other diagrams & figures are not included in the word count. In text citations are included as part of your word count. Students who submit in PDF form should include a word count on their cover page.