Assignment 4 - Shekar

The document discusses computer security incident response teams (CSIRTs) and provides information about training resources. It lists five key sources for CSIRT training, including the European Union Agency for Network and Information Security and ExaBeam. It describes the roles and responsibilities of CSIRTs in responding to security incidents according to predefined procedures. The document also provides background information on MITRE and Security Focus as technical resources for CSIRTs.

Uploaded by

Rikky Abdul
Module 4 assignment 1

Rajashekar Neelarapu
556762
BA635 Disaster Recovery
Professor Fred Rose
CSIRT:

A computer security incident response team, or CSIRT, is a team within an organization that responds to computer security incidents. The main objective of the CSIRT is to minimize and control the damage resulting from an incident.

Five sources that one should use when training a CSIRT are listed below:

• European Union Agency for Network and Information Security (ENISA). The source link is: https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material

• Exabeam. The source link is: https://www.exabeam.com/incident-response/csirt/

• Nippon CSIRT Association. The source link is: http://www.nca.gr.jp/imgs/CSIRTstarterkit_en.pdf

• FIRST.org. The source links are: https://www.first.org/education/trainings, https://www.csirt.org/ and https://www.sei.cmu.edu/reports/03hb002.pdf

• European Computer Security Incident Response Team Network. The source link is: http://www.ecsirt.net/cec/service/links.html

ENISA is a centre for network and information security. It works with groups such as CSIRTs to develop advice and recommendations on best practice in information security. Its training sets provide an indication of what an organization should consider when recruiting staff for CSIRT teams.

A CSIRT is a team or an entity within an agency that provides services and support to an organization in order to mitigate, manage and respond to information security incidents. These teams usually consist of specialists from different categories who act according to predefined procedures and policies in order to respond quickly and effectively to security incidents and to reduce the risk of cyber attacks.

Information provided in MITRE:

MITRE is a nonprofit organization dedicated to tackling problems that challenge our nation's safety and stability. It operates federally and provides innovative, practical solutions in defense and intelligence, aviation, civil systems, homeland security, the judiciary, healthcare, and cyber security. It was founded in 1958. MITRE has grown as a systems engineering company working on issues of national defense.

MITRE provides technical solutions for both civil and military agencies, as the challenges have evolved with time. It shares knowledge across the corporation, as lessons learned while solving the issues of one customer are applied to the needs of others. MITRE recruits, compensates, trains, employs and promotes regardless of age, color, race, disability, marital status, national and ethnic origin, political affiliation, religion, sexual orientation, gender identity, family medical or genetic information.

One of the most important strengths of the MITRE organization is its ability to apply a wide variety of technical and organizational knowledge to resolving challenges across the federal government. A few of MITRE’s cross-corporate capabilities have been grounded in technical areas such as systems engineering, signal processing, and acquisition, whereas others, such as cyber security, mobile technology, and social software, have been growing to meet present-day needs.

Information provided in Security Focus:

Under the vulnerabilities tab, descriptions of different software and tools are given, along with how they are vulnerable to attack, and a solution to prevent future attacks is also provided.

Example: Oracle VM VirtualBox Multiple Local Security Vulnerabilities:

Vulnerability: Oracle VM VirtualBox is prone to many local security vulnerabilities in the 'Core' component. These vulnerabilities affect the following supported versions: prior to 5.2.24, prior to 6.0.2.

A vulnerability report includes:

• A list of all possible vulnerable applications, operating systems and devices, with version numbers.

• A discussion on how to replicate the vulnerability, possibly including exploit programs.

• A detailed discussion of solutions, fixes or possible workarounds.

• References to information related to the vulnerability.

• A list of non-vulnerable applications and operating systems with version numbers.

BugTraq was created on Friday the 5th of November, 1993 by Scott Chasin. Over the years BugTraq has grown into a well-respected security mailing list with over twenty-seven thousand subscribers. BugTraq is a full-disclosure moderated mailing list for the detailed discussion and announcement of computer security vulnerabilities: what they are, how to exploit them, and how to fix them. Aleph One took over BugTraq on Tuesday the 14th of May, 1996.

Information provided in CERT website:

When we talk about CSIRTs, we often hear the terms CERT and SOC. There are similar functions and responsibilities between a community emergency response team (CERT), a computer security incident response team (CSIRT), and a security operations center (SOC).

• A CERT collects and circulates security information for the benefit of a country or industry.

• A CSIRT is a team that responds to incidents on behalf of a country or organization.

• A SOC is where a country or organization monitors and defends its network, servers and applications.