Rapid Response Retainer
Professional Service Description
Menu-Based Computer
Incident Response Training
1. Scope of Work.
1.1. Menu-based Computer Incident Response Training. Verizon will
provide computer incident response training (the IR Training) to train Customers
employees, specifically the Customers first responders and/or members of
Customers incident response (IR) team (the Attendees). IR Training provides
training on industry practices and standards for responding to and
investigating cyber security incidents such as data security breaches. The IR
Training will leverage real-world threat and risk scenarios derived from
Verizons Data Breach Investigations Report and Verizon security professionals
experience. Customer and Verizon will mutually develop a course agenda to meet
Customers IR Training requirements from the list of modules below (the
Menu):
·
Current state of
security, generally;
·
Incident response process;
·
Evidence handling;
·
Volatile data
collection and analysis techniques;
·
Forensic imaging
techniques;
·
Memory analysis;
·
Basic forensic
analysis techniques systems analysis;
·
Basic malware
analysis techniques;
·
Mock incident
table-top exercise;
·
Information technology
concepts for legal practitioners;
·
Discovery response
fundamentals;
·
Bridging the gap
between IT and legal; and
·
E-discovery tools
scoping and system proof of concept testing.
1.2. Verizon will provide from the
following, as further defined in the Engagement Letter:
1.2.1. Up to two (2) instructors per
course;
1.2.2. The number of
Hours consumed by the IR Training; and
1.2.3. The number of
day(s) and hours per training day for each course.
1.3. Training Plan and Kick-off. Verizon will
designate an engagement manager (EM) who will act a point of contact for Customer
for the term of the Customers use of IR Training. The EM will work with Customer
personnel to develop a training plan (Training Plan) which will specify
resources, dates, times, and location for the course. Verizon and Customer will
mutually agree to the Training Plan prior to proceeding with the IR Training.
1.4. Training Materials. Verizon will provide Customer with a
PDF version of the Power Point presented in the IR Training.
1.5. Verizon will work with Customer to schedule
a scoping conference call to initiate the Project. During or before the scoping
call, Customer will provide a list of appropriate contact personnel with after
hours emergency contact numbers, and appropriate on-site authorization
documentation (where applicable).
2. Deliverables and Documentation to be produced
by Verizon (if any). Any Deliverables provided
by Verizon
are intended for Customer and
Verizon use only. Customer may disclose a Deliverable to a third party pursuant
to the confidentiality terms of the Agreement.
Verizon will provide:
2.1. Training Plan; and
2.2. Training Materials.
3. Documentation to be produced by
Customer and Customer Obligations (if any). Delivery of the Professional Services by Verizon is dependent on Customers performance of the
following:
3.1. Customer will appoint a single
point of contact for co-ordination of the Project activities for interaction
with Verizon and ensuring smooth data flow and exchange of information required
for execution of the Project within the agreed time-frame;
3.2. Each Customer Attendee will bring a
laptop to the course, or will use a computer provided by Customer in Customers
training facility; and
3.3. As requested by Verizon,
Customer will download freeware from the internet to Attendees computers prior
to the start of the course.
4. Assumptions (if any). Delivery of the
Professional Services by Verizon is predicated on the following assumptions and
conditions:
4.1. The Professional Services are based
on Verizons understanding of Customers requirements. Should the scope of the
Project change, the Project Manager will continue to work only after mutual
execution of an amended Engagement Letter;
4.2. Customer retains responsibility for
the implementation of any changes to applications or devices managed by Customer
or associated service providers under the Engagement Letter;
4.3. Each course will have a maximum of
20 Attendees; and
4.4. Each course will require an
Engagement Letter.