Back to Course

Incident Response

0% Complete
0/71 Steps
  1. Incident Response
    Incident Reporting
  2. Incident Response Use Cases
    Lab Setup
  3. Role Playing - Shift Manager
  4. Demonstrating: Investigating and Escalating
  5. Report from Malware Analyst
  6. Exercise 1.1: Exploring Suspicious Executable Detected using SIEM
  7. Exercise 1.2: Investigating Multiple Failed Logins using SIEM
  8. Exercise 3: Mitigating Risk
  9. Exercise 4.1: Asking the Right Questions
  10. Scenario 4.1: Asking the Right Questions
  11. Scenario 4.2: Suspicious or Malicious?
  12. Exercise 4.2: Reviewing the Shift Log
  13. Exercise 4.3: Investigating an Unauthorized Login Attempt
  14. Exercise 4.4: Investigating Firewall Traffic
  15. Exercise 4.5: Reviewing the Security Operations Mailbox
  16. Exercise 5.1: Reviewing New Intelligence
  17. Exercise 5.2: Assessing Threat Severity
  18. Exercise 6: Recommending Remediation
  19. Exercise 7: Conducting a Post-Incident Review
  20. Exercise 8: Communicating with Operations and Senior Management
  21. Business Continuity
    Business Continuity Plan Development
    8 Topics
  22. BCP Invocation Process
    2 Topics
  23. Emergency Procedures
    7 Topics
  24. Crisis Management Team
    10 Topics
  25. BCP Seating Plan
  26. Overview
  27. Disaster Recovery
    Scope of Critical Services
  28. Network Services
  29. Application Hosting Service
  30. File Hosting Services
  31. Call Centre and Voice Recording Services
  32. Regulatory Links
  33. Thin Client Environment
  34. Voice System (Non-Service Desk)
  35. Printing Services
  36. Recovery Time Objective (RTO) & Recovery Point Objective
  37. Single Point of Failure
  38. Redundancy Requirements
  39. Alternate Locations
  40. Contact Protocol
    4 Topics
Lesson 23, Topic 2
In Progress

Bomb Threat

Lesson Progress
0% Complete

Call Recipient Role

  •  Report immediately to the Security Head. All bomb threats must be taken
  • seriously.
  •  Keep calm and courteous. Listen carefully and do not interrupt the person
  • making the threat.
  •  Keep the caller on the line as long as possible
  •  Try to get the attention of your co-workers to notify the Security Head.
  •  Get as much information as you can. Questions to ask include:
    1. a) What time will the bomb explode?
    2. b) Where exactly is the bomb?
    3. c) Why was the bomb placed?
    4. d) What does it look like?
    5. e) Where did you get this information?
    6. f) Who are you?

BCP Owner Role

  •  Confirm that the bomb warning or an alert has been communicated to all
  • employees and Security Head.
  •  The Security Head will report to National Security or Police Force.
  •  Coordinate with the fire warden for immediate evacuation of bank premises.
  •  Shut down the power supply (if possible).
  •  In case of actual explosion, identify the injured personnel, contact their
  • families and/or relatives, coordinate with HR for immediate referral to the
  • nearest hospital and keep a record of the hospitals where the injured are
  • admitted.
  •  Report damage to Senior Management to consider activation of Business
  • Continuation Action Plan if necessary.