SI-04(07) Automated Response to Suspicious Events

(a) Notify si-04.07_odp.01 of detected suspicious events; and

(b) Take the following actions upon detection: si-04.07_odp.02.

Parameter ID Definition
si-04.07_odp.01 incident response personnel
si-04.07_odp.02 least-disruptive actions

Baselines

Guidance

Least-disruptive actions include initiating requests for human responses.