SI-04(07) Automated Response to Suspicious Events
(a) Notify si-04.07_odp.01 of detected suspicious events; and
(b) Take the following actions upon detection: si-04.07_odp.02.
| Parameter ID | Definition |
|---|---|
| si-04.07_odp.01 | incident response personnel |
| si-04.07_odp.02 | least-disruptive actions |
Baselines
- L
- M
- H
- P
Guidance
Least-disruptive actions include initiating requests for human responses.