NIST SP 800-61 r2 outlines a structured incident handling lifecycle composed of four phases: Preparation, Detection and Analysis, Containment, Eradication, and Recovery, and Post-Incident Activity. Detection and Analysis involve identifying and investigating incidents, while Post-Incident Activity focuses on lessons learned and evidence retention for future reference.
References: SP 800-61 Rev. 2, Computer Security Incident Handling Guide | CSRC, Computer Security Incident Handling Guide - NIST, We Read NIST SP 800-61 so You Don't Have to.

A load balancer is the correct technology to implement a solution that makes routing decisions based on HTTP header, uniform resource identifier (URI), and SSL session ID attributes. Load balancers can inspect incoming traffic and make routing decisions to distribute the traffic across multiple servers based on various attributes, including the ones mentioned, to ensure optimal resource use and efficient traffic management12.
References :=
* Cisco Unified Border Element Configuration Guide1.
* URI based outbound Dial-peer configuration on CUBE - Cisco Community

Section: Security Concepts

Separation of duties is a security principle that requires more than one person to perform a critical task, such as authorizing a transaction, approving a budget, or granting access to sensitive data. Separation of duties reduces the risk of fraud, error, abuse, or conflict of interest by preventing any single person from having too much power or privilege. Least privilege, need to know, and due diligence are other security principles, but they do not require more than one person to perform a critical task. References: Separation of Duty (SOD) - Glossary | CSRC - NIST Computer Security ..., Separation of Duties | Imperva