This document describes the plan of action to be followed when various IS security related incidences occur at the Naval Research Laboratory. Contingency plans include a background of the potential problem area, detailed instructions to follow when the incident occurs, individual responsibilities and lines of authority for plan implementation, plan testing, and long term impact to NRL should an incident take place.
The initial identification, control procedures, and organizational responsibilities for a broad list of incidences which effect NRL computing resources are covered. It is, in effect, a Contingency Plan cover both what to do in the event of an incident occurrence and also a description of the technology involved.
In order to determine what actions users, system administrators, and IS Security Group investigators must do, each section is broken down into the following individual areas.
This document is a comprehensive incident response plan containing background information and general instructions to be followed by IS Security Group personnel for a number of issues. Incident response planning (break-ins and asses loss), virus control, remnance control, software piracy control, and software write protection control are all part of this effort. Appendices attached to this plan contain request models for the applicable control issues identified herein.