Appendix A: CSIRT Flashcards by Harry H

Coordination centers

Coordinate handling of incidents across various CSIRTs. (i.e. US-CERT)

How well did you know this?

Not at all

Perfectly

Analysis Centers

Synthesize data. Look for trends in incident activity.

How well did you know this?

Not at all

Perfectly

Vendor teams

Vendor team that handles vulnerabilities in their products. Also remediation and mitigation.

How well did you know this?

Not at all

Perfectly

Incident response providers

MSSP

How well did you know this?

Not at all

Perfectly

CSIRT Constituency

Who they support

How well did you know this?

Not at all

Perfectly

CSIRT relationship to others

Peers

How well did you know this?

Not at all

Perfectly

CSIRT place in org.

Roots (mostly in the SOC)

How well did you know this?

Not at all

Perfectly

Reactive service

Triggered by an event, request,

How well did you know this?

Not at all

Perfectly

Proactive service

Prepare, protect systems

How well did you know this?

Not at all

Perfectly

Triage function

Help desk level activities.

How well did you know this?

Not at all

Perfectly

Handling function

Reviews incident report. Analysis. Responses. Notification.

How well did you know this?

Not at all

Perfectly

Feedback function

Supports giving feedback on issues not related to specific incident.

Interface with media.

How well did you know this?

Not at all

Perfectly

Optional announcement function

Provides advisories

How well did you know this?

Not at all

Perfectly

Brainscape's Knowledge GenomeTM

Appendix A: CSIRT Flashcards

Brainscape's Knowledge Genome^TM