Reference no: EM133565800
Reporting Incident Response
The learner recommends solutions to respond to a detected cybersecurity incident.
INTRODUCTION
Throughout your career in security operations, you will be asked to investigate incidents and recommend responses to those incidents. You will need to analyze logs when investigating affected hardware, diagnose an attack and its impact, and recommend next steps in an incident response report.
In this task, you are given the attached "Background Information" reference document containing a security operations scenario and associated helpdesk ticket artifacts. You will access a virtual lab environment to investigate and interact with the affected hardware discussed in the "Background Information" document. Next, you will create an incident response report using the attached "Incident Reporting Template" document to identify the steps taken in detecting, investigating, and remediating the issues within the virtual lab and to recommend next steps.
Your submission will include both your completed incident response report and a screenshot evidence document generated by the virtual lab environment. Additional details for interacting with the virtual lab environment, including the use of its available tools and the screenshot evidence document, can be found in the attached "Virtual Lab Supplementary Instructions" document.
SCENARIO
Refer to the scenario and artifacts in the attached "Background Information" document.
REQUIREMENTS
Your submission must be your original work. No more than a combined total of 30% of the submission and no more than a 10% match to any one individual source can be directly quoted or closely paraphrased from sources, even if cited correctly. The similarity report that is provided when you submit your task can be used as a guide.
You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.
Tasks may not be submitted as cloud links, such as links to Google Docs, Google Slides, OneDrive, etc., unless specified in the task requirements. All other submissions must be file types that are uploaded and submitted as attachments (e.g., .docx, .pdf, .ppt).
A. Using the attached "Incident Reporting Template" supporting document, provide the details of the incident from the attached "Background Information" document by identifying the following:
- incident numbers
- incident dates
- report author (i.e., WGU student ID)
- report date
- summary of the incident
- impacted system
- primary function of the impacted system
- impacted users
- incident timeline
- functional impact classification
- incident priority classification
- incident type classification
B. Using the "Incident Reporting Template" supporting document, provide the details of the impacted system by identifying the following:
- hostname
- IP address
- operating system
C. Using the "Incident Reporting Template" supporting document, determine the details of the malicious traffic by identifying the following:
- destination port
- additional notes and observations gained from the malicious traffic search metadata
Note: The additional notes and observations should include details relevant to the stakeholders at the fictional organization.
D. Using the "Incident Reporting Template" supporting document, summarize the incident remediation process by identifying the following points:
- actions taken to restore impacted system functionality
- actions taken to restore network security
- additional notes and observations relevant to the summary
Note: The additional notes and observations should include details relevant to the stakeholders at the fictional organization.
E. Using the "Incident Reporting Template" supporting document, recommend 2-4 planned relevant actions to prevent similar incidents from occurring in the future. For each planned action, identify the following:
- which negative impact from the incident is addressed
- how that action will prevent recurrence of the negative impact
F. Provide the screenshot evidence document, in .docx format, generated by the virtual lab. For each of the five challenge questions, both the information requested by that challenge question and the unaltered watermark displaying the student ID must be clearly visible in the screenshot.
Note: Additional information can be found in the attached "Virtual Lab Supplementary Instructions" supporting document.
G. Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.
H. Demonstrate professional communication in the content and presentation of your submission.
File Restrictions
File name may contain only letters, numbers, spaces, and these symbols: ! - _ . * ' ( )
File size limit: 200 MB
File types allowed: doc, docx, rtf, xls, xlsx, ppt, pptx, odt, pdf, txt, qt, mov, mpg, avi, mp3, wav, mp4, wma, flv, asf, mpeg, wmv, m4v, svg, tif, tiff, jpeg, jpg, gif, png, zip, rar, tar, 7z
Attachment: Virtual Lab.zip