SI-4(7)
SI-4(7): Automated Response to Suspicious Events
The information system notifies [organization-defined incident response personnel (identified by name and/or by role)] of detected suspicious events and takes [organization-defined least-disruptive actions to terminate suspicious events].
Supplemental
Least-disruptive actions may include, for example, initiating requests for human responses.
CIA Levels | |
---|---|
Confidentiality | unknown |
Integrity | unknown |
Availability | unknown |
Overlays |
---|
None |
CSF Categories |
---|
None |