What is specified in the plan element of the NIST incident response plan?
- metrics for measuring the incident response capability and effectiveness
- organizational structure and the definition of roles, responsibilities, and levels of authority
- priority and severity ratings of incidents
- incident handling based on the mission of the organization
|
Explanation & Hint: NIST recommends creating policies, plans, and procedures for establishing and maintaining a CSIRC. One component of the plan element is to develop metrics for measuring the incident response capability and its effectiveness. |