Investigate Restore & Recover Tools for System Integrity

Recent contracts with the Departments of Defense and Homeland Security have imposed additional security requirements upon Sifers-Grayson and its lab operations. The company is now required to comply with NIST Special Publication 800-171 Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations. The company must also comply with provisions of the Defense Federal Acquisition Regulations (DFARS) including section 252-204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting. These requirements are designed to ensure that sensitive technical information, provided by the federal government and stored on computer systems in the Sifers-Grayson R&D DevOps lab, is protected from unauthorized disclosure. This technical information includes software designs and source code for unmanned vehicles for which Sifers-Grayson is providing software support and maintenance. The contract requirements also mandate that Sifers-Grayson report cyber incidents to the federal government in a timely manner. As part of the reporting requirements, Sifers-Grayson must provide documentation about its Incident Response Processes and Procedures.

Prepare draft incident response guidance to be included in the Sifers-Grayson Incident Responder’s Handbook. Your draft guidance will explain the use of Windows 10 operating system features (utilities) and describe how each could be used as part of an incident response process. The guidance documents to be completed under this task are: (a) Creating, Using, and Removing System Restore Points and System Image Backups (b) Managing Installation, Removal, and Updating of Programs, Applications, and Operating System Features for Windows 10