Question

Discuss about the required response time for each level of security incident with your own example.

Answer 1

The required response time for each level of security incident is given below:

Physical security:

• In this level, the data must be secured from any kind of disasters, or thieves.
• Sometimes the private information gets stole also. So, there must be some backup so that the information will not affected.

Control in Access:

• Any of the un authorized person will not be able to access the information.
• The information must be protected in such a way that it must be restricted for the person who is not authorized.
• If, some unauthorized person tries to attempt to gain the information of the system, then the response must be that much affective that it can’t give the permission to access the data.
• Each time when the person tries to access the system, the system must restrict the person.

Identification of the users:

• Every user must be identified first as per their role in the data.
• Identification of the user is must whenever it tries to access the data.

Authentication:

• As per the data is available, verify the claiming of the data.

Authorization:

• Define the rules or the rights to access the sensitive information.
• The rules must be followed by every user who want to access the data.

Firewall setup:

• As per the rules defined, set up a system which can control or manage the incoming and the outgoing traffic.
• Monitor the packet controlling as per the rules defined.

Intrusion Detection System:

• Sometimes bad virus, or any malware thing can be happened in the system, that can affect the sensitive information.
• The attackers can try to use the brute force method that compromise the systems or try to destroy the systems, networks or the services.
• So, if any malware activity happens, there must be a system that can detect it.
• The response in this must be like, there must be some anti-virus present in the system that save the data due to bad viruses.

Intrusion Prevention system:

• There must a system which can manage the traffic and prevent the system from the traffic.
• Any threat if happen in the system, this system must be able to handle that situations.