vPLfv
vPLfv
vPLfv
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
4.2.5.8 R1: Respond to Technical Issues<br />
Workflow Diagram...................................................... 144<br />
4.2.5.9 R2: Respond to Management Issues<br />
Workflow Diagram...................................................... 148<br />
4.2.5.10 R3: Respond to Legal Issues Workflow Diagram ....... 152<br />
5 Future Work................................................................................................. 157<br />
Bibliography ....................................................................................................... 161<br />
Appendix A: Context for Each of the Process Workflows........................ A-1<br />
Appendix B: Acronyms................................................................................ B-1<br />
Appendix C: Glossary.................................................................................. C-1<br />
Appendix D: One-Page Versions of the Process Workflow Diagrams ..... D-1<br />
Incident Management Workflow Diagram ................................. D-2<br />
PC: Prepare/Sustain/Improve Workflow Diagram ..................... D-3<br />
PI: Protect Infrastructure Workflow Diagram............................. D-4<br />
D: Detect Events Workflow Diagram......................................... D-5<br />
T: Triage Events Workflow Diagram ......................................... D-6<br />
R: Respond Workflow Diagram ................................................ D-7<br />
R1: Respond to Technical Issues Workflow Diagram ............... D-8<br />
R2: Respond to Management Issues Workflow Diagram.......... D-9<br />
R3: Respond to Legal Issues Workflow Diagram.................... D-10<br />
Appendix E:<br />
One-Page Versions of the Process Workflow Descriptions<br />
and Handoffs .......................................................................... E-1<br />
PC: Prepare/Sustain/Improve ................................................... E-2<br />
Handoff from Any Activity Inside or Outside CSIRT Process to PC:<br />
Prepare/Sustain/Improve.......................................................... E-7<br />
Handoff from PC: Prepare/Sustain/Improve to PI: Protect<br />
Infrastructure ............................................................................ E-8<br />
PI: Protect Infrastructure Workflow Description......................... E-9<br />
Handoff from Any Activity Inside or Outside CSIRT Process to PI:<br />
Protect Infrastructure...............................................................E-11<br />
Handoff from PI: Protect Infrastructure to D: Detect Events.....E-12<br />
Detect Events Workflow Description........................................E-13<br />
Handoff from Any Activity Inside or Outside of the Organization to<br />
D: Detect Events .....................................................................E-15<br />
Handoff from D: Detect Events to T: Triage Events .................E-16<br />
T: Triage Events Workflow Description....................................E-17<br />
Handoff from T: Triage Events to R: Respond .........................E-19<br />
Respond Process Workflow Description..................................E-21<br />
Handoff from R: Respond to PC: Prepare/Sustain/ Improve ....E-24<br />
CMU/SEI-2004-TR-015<br />
iii