Module 9: Incident Response
Description
Students learn about Incident Response (IR) strategies, including prevention and containment. They also learn how to create an Incident Response Plan.
Objectives
| # | Revised Bloom’s Taxonomy | Objective | Slide # | Act. 1 | Team Act | Assess Ques # |
|---|---|---|---|---|---|---|
| 9.1 | Understand | Identify some common types of incidents that may occur in SCADA/ICS systems. | 3- 6 | X | 1 | |
| 9.2 | Understand | Identify the phases of an Incident Response (IR), as described in the NIST SP 800-61. | 7 – 26 | X | X | 2 |
| 9.3 | Understand | Identify incident containment and describe how it is applied to an incident. | 19 – 23 | X | X | |
| 9.4 | Understand | Identify the components of an Incident Response Plan. | 29 – 31 | 17 – 25 | ||
| 9.5 | Understand | Identify the 14 response core capabilities covered in the National Response Framework. | 33 – 37 | 5 -11 |
