

                    US Department of Agriculture
                      Agriculture Security Operations Center

                            Cyber Security Incident Report

                                CAT 3 – Malicious Code
This Cyber Security Incident Report follows established guidelines as determined in
Departmental Manual 3505-001: USDA Cyber Security Incident Handling Procedures.

Please complete this form by entering the required information below, then send it to
cyber.incidents@asoc.usda.gov or contact the ASOC via the 24-hour Cyber Incidents Hotline
(866) 905-6890 for assistance.


SECTION I: GENERAL INFORMATION

A. Agency Information
ASOC Incident Number:
Agency Incident Number:
Individual and Organization Submitting Report:
Date:
B. ISSPM Investigative Contact
Name of ISSPM Point of Contact:
Title:
E-Mail Address:
Office Phone:
Cell Phone:


AD-3035                                      1                              Rev. 08/08/2012
C. Technical Investigative Contact
Name of Technical Point of Contact:
Title:
E-Mail Address:
Office Phone:
Cell Phone:


SECTION II: INCIDENT MITIGATION


A. Category 3 – Malicious Code
Task                                  Action Taken/Notes   Date/Time Completed
Provide firewall and anti-virus logs in Section V of this report.
If PII or classified/sensitive information was contained on the system, was the information compromised?
Hidden files/directories found:
Disinfect, quarantine, delete, and replace infected files.
Mitigate the exploited vulnerabilities for other Hosts within the organization.
Reimage workstation.
Ensure the machine is FDCC compliant.




SECTION III: IMPACT AND SCOPE

A. Impact and Scope
FIPS 199/Risk Level:
Determine the impact this incident has had or will have on your agency.
Determine whether the activity is criminal in nature.
Forecast how severely the organization’s reputation may be damaged.


SECTION IV: LESSONS LEARNED

A. Lessons Learned
What attack vector was used to gain access to the system?
What vulnerabilities were exploited?
How could this incident have been prevented?
What additional information was required to investigate/resolve this incident?
Where was this information available?


SECTION V: ADDITIONAL INFORMATION

Provide anti-virus logs, firewall logs, screen captures, post scan logs and any additional
information not included in previous sections:



