Module 9: Incident Response

Module 9 Description & Objectives


Students learn about Incident Response (IR) strategies, including prevention and containment. They also learn how to create an Incident Response Plan.




  • List some common types of incidents that may occur in SCADA/ICS systems.
  • Identify the phases of an Incident Response (IR), as described in the NIST SP 800-61.
  • Define incident containment and describe how it is applied to an incident.
  • Discuss the IR reaction strategies unique to each category of incident.
  • Explain the components of an Incident Response Plan.
  • Identify the 14 response core capabilities covered in the National Response Framework.



Icon for the Creative Commons Attribution 4.0 International License

Critical Infrastructure Cybersecurity by Whatcom Community College and CyberWatch West is licensed under a Creative Commons Attribution 4.0 International License, except where otherwise noted.

Share This Book