The US Federal Government requires security incidents to be classified into the following categories, each with its own reporting timeframe.

| Incident Type | Features | Category |
|---|---|---|
| network defense testing | exercises and approved activity testing of network defenses or responses | CAT 0 |
| unauthorized access | access without permission | CAT 1 |
| denial of service (DoS) | attack to exhaust resources | CAT 2 |
| malicious code | malware | CAT 3 |
| improper usage | violation of acceptable use policies | CAT 4 |
| attempted access or probe | seeks access, open ports, etc. to be exploited later | CAT 5 |
| under investigation | unconfirmed incidents being reviewed | CAT 6 |


| Category | Reporting Timeframe |
|---|---|
| CAT 0 | NA |
| CAT 1 | within 1 hour |
| CAT 2 | within 2 hours |
| CAT 3 | within 1 hour if widespread, else once daily |
| CAT 4 | weekly |
| CAT 5 | within 1 hour if classified, else monthly |
| CAT 6 | NA |