Incident Response - Level 5
CMMC IR.5.110 - Perform Unannounced Incident Responses Exercises
Requirement text: IR.5.110: Perform unannounced operational exercises to demonstrate technical and procedural responses. DISCUSSION FROM SOURCE: CMMC An organization is stronger against a cyber-attack when the incident response capability is proven ...
CMMC IR.5.108 - Establish Cyber Incident Response Team
Requirement text: IR.5.108: Establish and maintain a cyber incident response team that can investigate an issue physically or virtually at any location within 24 hours. DISCUSSION FROM SOURCE: DRAFT NIST SP 800-171B A cyber incident response team ...
CMMC IR.5.102 - Use Manual and Automated Responses to Incidents
Requirement text: IR.5.102: Use a combination of manual and automated, real-time responses to anomalous activities that match incident patterns. DISCUSSION FROM SOURCE: CMMC Response activities are necessary because the defenders of an organization’s ...
CMMC IR.5.106 - Utilize Forensic Data for Incident Response
Requirement text: IR.5.106: In response to cyber incidents, utilize forensic data gathering across impacted systems, ensuring the secure transfer and protection of forensic data. DISCUSSION FROM SOURCE: CMMC Organizations need to have the ability to ...