RS.MA-03:

Implementation Examples

Ex1:

Further review and categorize incidents based on the type of incident (e.g., data breach, ransomware, DDoS, account compromise)

Ex2:

Prioritize incidents based on their scope, likely impact, and time-critical nature

Ex3:

Select incident response strategies for active incidents by balancing the need to quickly recover from an incident with the need to observe the attacker or conduct a more thorough investigation