GitHub: pkatha706-dot/NIST-CSF-Incident-Report
# Incident Response & NIST CSF 2.0 Alignment: ICMP Flood Attack
## 📝 Project Overview
This project demonstrates the execution of a formal Post-Incident Review (PIR) and response plan following a simulated Denial-of-Service (DoS) attack. The objective was to document the incident timeline, identify the root cause, and align the containment, mitigation, and governance efforts with the updated National Institute of Standards and Technology Cybersecurity Framework (NIST CSF 2.0).
## 🎯 Scenario
On May 20, 2026, the organization's internal network experienced a DoS attack lasting approximately two hours. A malicious actor exploited an unconfigured perimeter firewall by flooding the network with ICMP echo request packets, rendering critical internal network services unavailable to staff.
## 🛠️ Skills & Frameworks Demonstrated
* **Incident Response:** Triage, containment, eradication, and recovery planning with a mapped incident timeline.
* **NIST Cybersecurity Framework (CSF) 2.0:** Applied the Govern, Identify, Protect, Detect, Respond, and Recover core functions.
* **Network Security:** Firewall rule configuration, ICMP rate-limiting, and source IP verification.
* **Security Governance:** Establishing formal risk management strategies, firewall change management policies, and vendor SLA reviews.
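The following is an added example, not code from this repository or from the incident report it links to. It shows how the Detect and Respond work listed above (ICMP flood detection, source IP verification, and the resulting rate-limit rules) could be implemented over perimeter firewall logs. The `key=value` log format, the internal address ranges, the 10-second window, the 100-packet threshold and the sample log lines are all assumptions constructed for the demo; the iptables syntax is standard but the numeric limits are illustrative.

```python
"""Detect ICMP echo-request floods and spoofed internal sources in firewall logs,
then emit candidate rate-limit rules. Illustrative example; the log format and
thresholds are assumptions, not values taken from the incident report."""
from collections import defaultdict, deque
from datetime import datetime, timedelta
import ipaddress
import re

# Assumed key=value line format from the perimeter firewall (constructed for this demo).
LINE_RE = re.compile(
    r"^(?P<ts>\S+) iface=(?P<iface>\w+) src=(?P<src>[\d.]+) dst=(?P<dst>[\d.]+) "
    r"proto=(?P<proto>\w+)(?: type=(?P<type>\d+))?$"
)

# RFC 1918 ranges: a packet arriving on the WAN interface with one of these as
# its source cannot be legitimate and is treated as spoofed (source IP verification).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

ECHO_REQUEST = 8                  # ICMP type 8 = echo request
WINDOW = timedelta(seconds=10)    # assumed sliding window
THRESHOLD = 100                   # assumed echo requests per source per window before we call it a flood


def parse_line(line):
    """Parse one log line into a dict, or return None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.fromisoformat(rec["ts"].replace("Z", "+00:00"))
    rec["type"] = int(rec["type"]) if rec["type"] is not None else None
    return rec


def is_spoofed_internal(rec):
    """True when a WAN-side packet claims an internal (RFC 1918) source address."""
    if rec["iface"] != "wan":
        return False
    src = ipaddress.ip_address(rec["src"])
    return any(src in net for net in INTERNAL_NETS)


def detect_icmp_floods(records, window=WINDOW, threshold=THRESHOLD):
    """Return {src: peak_count} for sources whose echo requests exceed the threshold
    within any sliding window. Only ICMP type 8 is counted."""
    recent = defaultdict(deque)   # per-source timestamps inside the current window
    peak = defaultdict(int)
    for rec in sorted(records, key=lambda r: r["ts"]):
        if rec["proto"] != "icmp" or rec["type"] != ECHO_REQUEST:
            continue
        q = recent[rec["src"]]
        q.append(rec["ts"])
        while rec["ts"] - q[0] > window:   # slide the window forward
            q.popleft()
        peak[rec["src"]] = max(peak[rec["src"]], len(q))
    return {src: n for src, n in peak.items() if n > threshold}


def rate_limit_rules(floods):
    """Candidate iptables rules: drop identified flood sources, then rate-limit all
    remaining echo requests (standard iptables syntax; limits are illustrative)."""
    rules = [f"iptables -A INPUT -s {src} -p icmp --icmp-type echo-request -j DROP"
             for src in sorted(floods)]
    rules.append("iptables -A INPUT -p icmp --icmp-type echo-request "
                 "-m limit --limit 10/s --limit-burst 20 -j ACCEPT")
    rules.append("iptables -A INPUT -p icmp --icmp-type echo-request -j DROP")
    return rules


def analyze(lines, window=WINDOW, threshold=THRESHOLD):
    """Run detection over raw log lines and summarise the findings."""
    records = [r for r in (parse_line(l) for l in lines) if r]
    floods = detect_icmp_floods(records, window, threshold)
    return {
        "parsed": len(records),
        "floods": floods,
        "spoofed": sorted({r["src"] for r in records if is_spoofed_internal(r)}),
        "rules": rate_limit_rules(floods),
    }


def build_sample_log():
    """Constructed sample: 150 echo requests from one WAN source in ~5 s (a flood),
    a slow trickle from another, a spoofed RFC 1918 source on the WAN side, and an
    unrelated LAN echo reply. None of this is real incident data."""
    base = datetime.fromisoformat("2026-05-20T14:02:00+00:00")
    lines = []
    for i in range(150):
        t = base + timedelta(milliseconds=33 * i)
        lines.append(f"{t.isoformat().replace('+00:00', 'Z')} iface=wan src=203.0.113.5 dst=10.0.0.1 proto=icmp type=8")
    for i in range(5):
        t = base + timedelta(seconds=i)
        lines.append(f"{t.isoformat().replace('+00:00', 'Z')} iface=wan src=198.51.100.7 dst=10.0.0.1 proto=icmp type=8")
    lines.append("2026-05-20T14:02:03Z iface=wan src=192.168.1.10 dst=10.0.0.1 proto=icmp type=8")
    lines.append("2026-05-20T14:02:04Z iface=lan src=10.0.0.25 dst=10.0.0.1 proto=icmp type=0")
    lines.append("this line is not in the expected format")
    return lines


if __name__ == "__main__":
    summary = analyze(build_sample_log())
    print(f"parsed {summary['parsed']} records")
    print("flood sources:", summary["floods"])
    print("spoofed internal sources on WAN:", summary["spoofed"])
    print("\n".join(summary["rules"]))
```

The flood detector keys only on echo requests, so a host that merely answers pings is never counted; the spoof check is deliberately independent of volume, because a single packet with an impossible source is already a finding worth recording in the incident timeline.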
## 📄 Full Report
View the Full Incident Report (PDF)
*Note: This is a simulated scenario completed as part of the Google Cybersecurity Professional Certificate, updated to reflect current enterprise reporting standards.*