Kelly’s organization has created an incident response policy that outlines the high-level goals of the IR process. Next, she wants to create detailed documents that describe the steps to handle specific incident types like denial-of-service attacks. What document should she create?

Playbooks provide detailed, step-by- step instructions for how to address specific topics like denial-of-service attacks. Standards describe the settings or requirements that the organization wishes to use. Regulations are law and are not set by the organization, and guidelines provide advice to organizations seeking to comply with the policy and standards.