Description: In-depth, comprehensive, professionally developed incident response testing tabletop exercises for ensuring organizations undertake annual incident response testing as required by IR-3 within NIST SP 800-53, Revision 5.
The following ten (10) tabletop exercises are included: 1. Ransomware Attack. 2. Unauthorized Use of USB Drive. 3. Distributed Denial of Service (DDoS) Attack. 4. Insider Threat. 5. Threat of a Network Attack. 6. Unauthorized Use of File Sharing Websites. 7. Stolen User Account Credentials. 8. Unpatched vulnerabilities to Legacy Systems. 9. Use of Generic Accounts and Data Backup Issues. 10. Attack on Cloud Computing Environment.
Specifications:Developed in accordance with NIST SP 800-53, Revision 5 (12-10-2020), and other related security control frameworks, where applicable.
Control Family: Incident Response (IR).
Security Control Baseline Coverage:Includes coverage for all LOW, MOD, and HIGH Baselines, per NIST SP 800-53B (12-10-2020).
Direct Compliance Use:FISMA, FedRAMP, NISP eMASS RMF, and other related NIST RMF reporting requirements for security and privacy. Can be used for mapping to DFARS NIST 800-171 and CMMC controls, where applicable.