The file is attached.

The file is attached.
Crafting a Security or Computer Incident Response Policy—CIRT Response Team        Overview In this lab, you defined the purpose of a security or computer incident response team (CIRT), you identified major elements of a security or computer incident response methodology, you aligned the roles and responsibilities to elements of a CIRT response team, you identified critical management, human resources, legal, IT, and information systems security personnel required for the CIRT response team, and you created a CIRT response policy definition that defines the CIRT response team’s purpose and goal and the authority granted during an incident.  Instructions Answer the Lab Assessment Questions in Word Document follow APA.    References are required (minimum of three, textbook is required).  Each answer requires citation.  Type the question then answer. Answer each questions with a paragraph (4-5 sentences).  First question will have 6 paragraphs.  Lab Assessment Questions Describe the 6 steps in the incident response procedures from the textbook (Figure 12-2)?    (30 points) If an organization has no intention of prosecuting a perpetrator or attacker, does it still need an incident response team to handle forensics? Why is it a good idea to include human resources on the incident response management team? Why is it a good idea to include legal or general counsel on the incident response management team? How do an incident response plan and incident response team help reduce risks to the organization? If you are reacting to a malicious software attack, such as a virus and its spread, during which step in the incident response process are you attempting to minimize its spreading? Explain your answer.  When a security incident has been declared, does a PC technician have full access and authority to seize and confiscate a vice president’s laptop computer? Why or why not? For which step in the incident response methodology should you document the steps and procedures to replicate the solution?  Explain your answer.  Why is a post-mortem review of an incident the most important step in the incident response methodology? Why is a policy definition required for a computer security incident response team?