Module 9: Incident Response
Students review one NIST case study, either the Olympic Pipeline Explosion or the Maroochy Water Services Incident. They indicate the response steps and describe what went wrong.
Hands-on Activity Objectives
- Identify the 14 response core capabilities covered in the National Response Framework.
- List some of common types of incidents that may occur in SCADA/ICS systems.
- Identify the phases of an Incident Response, as described in NIST SP 800-61.
- Explain the components of an Incident Response Plan.
Download one of the two NIST case studies below.
“Pipeline Rupture and Subsequent Fire in Bellingham, Washington June 10 1999.” NTSB/PAR-02/02. PB2002-916502. National Transportation Safety Board.
This document can also be downloaded from the Internet: https://www.mitre.org/publications/technical-papers/malicious-control-system-cyber-security-attack-case-study-maroochy-water-services-australia.
Review and assess the case you selected.
Write a short paper describing the response steps and what went wrong in the case study you read.
Grading Criteria Rubric
- Use of American Psychological Association (APA) style in writing the assignment
Grade Points: 100