Complete a reflection for Situation

Complete a reflection for Situation - Email Roulette

Reference no: EM132228570 , Length: word count:2000

Project -

In Project, we'll be continuing our work with reading and reviewing PCAPs as it is essential for a security analyst to understand how to do this and to be very familiar with Wireshark.

Situation 1 -

Situation: Cry Baby Businessman

You've just arrived for an afternoon shift at your company's Security Operations Center (SOC). As you enter the building, you're walking down the main hallway, and you hear someone crying from one of the office rooms nearby.

You follow the noise and find it coming from a fancy office. Poking your head in the door, you see the owner's son sitting at his desk, still crying.

When you ask what's wrong, he replies, "My computer's telling me my files are locked, and I have to pay money to get them back!"

You ask him if he has any backups.

He blinks and replies, "Backwhat?"

You shake your head and say he's out of luck. He cries again and eventually quiets down. He then asks, "How did this happen?"

"Sounds like ransomware," you tell him. "I need to get to work, but I'm one of the SOC analysts here."

He blinks again and says, "Ransomwhat?"

You stare at him for a second then say, "I'm part of the team that monitors network alerts for suspicious activity There's bound to be an alert on what happened. Let me look into it for you."

He pouts, stomps his foot, and says, "I want to know who did this!"

While you might not be able to tell him who did it, you can surely figure out how the infection happened. You review the network alerts and see there's only one IP address with anything related to ransomware activity. You query all alerts for his IP address, and you retrieve network traffic from that IP for the appropriate timeframe.

Students should:

1. Download this PCAP and review these alerts

2. Review the sample analysis discussing these questions:

Date and time of the activity.
A brief description of what happened to crybaby businessman's computer.

Situation 2 -

Situation: Email Roulette

You're working as an analyst at a Security Operations Center (SOC) for a Thanksgiving-themed company.

One quiet evening, you hear someone knocking at the SOC entrance. As you answer the door, an exhausted mail server technician stumbles in and quickly falls to the floor. He whispers in a shaky voice, "Mail filters are down... Spam everywhere..."

As you help him up, he looks to the sky and yells, "The gates of hell have opened!"

The technician immediately collapses again and softly whispers, "The horror... The horror..."

The mail filter outage lasted throughout the next day. Fortunately, very few incidents were reported. But one example caught your eye.

During the mail filter outage, one of the company employees decided to play "email roulette." The employee opened one of the malicious emails from his inbox and treated it as a legitimate message.

Students should:

1. Download this PCAP and open these emails

2. Review the sample analysis discussing these questions:

Date and approximate time of the infection.
The infected computer's IP address.
The infected computer's MAC address.
The infected computer's host name.
Which email the employee opened.

Complete a 3-5 page reflection (double spaced) for Situation 1 and a 3-5 page reflection (double spaced) for Situation 2. Given these sample incident reports, write about what you learned, what you have questions about, what you researched as part of this review, and anything else you feel is relevant.

Attachment:- Assignemnt Files.rar

Reference no: EM132228570

Questions Cloud

Who obtains the goods and services that are produced : In a market system, who decides what goods and services are produced and how they are produced and who obtains the goods and services that are produced.

The degree of corporate social responsibility : Explain the stakeholder model. How do we use it to assess the degree of corporate social responsibility that an organization engages in?

What is frieda mu of cooking : Frieda enjoys cooking and baking. Her utility function is U(C, B) = 6C + 3B, where C is the number of hours she spends cooking and B is the hours she spends

Describe the causes and consequences of the 2007 mortgage : Describe the causes and consequences of the 2007 mortgage default crisis. What could the government have done to prevent this crisis?

Complete a reflection for Situation - Email Roulette : Complete a 3-5 page reflection (double spaced) for Situation 1 and a 3-5 page reflection (double spaced) for Situation 2. Write about what you learned

Explain culture and cross-cultural risks : Provide at least one example from the Kingdom of Saudi Arabia where cultural values have been affected by international business.

How we adapt to survival in the outside world : Also, look at how we adapt to survival in the outside world. Discuss how maintaining homeostasis gives us greater freedom of activity from dependence.

Large projects implemented in GCC region : You can choose one of the large projects implemented in GCC region or other geographical region

Calculate the cross price elasticity for the good : Calculate the cross price elasticity for the other good Y. Is the other good is a substitute good or a complimentary good to the first one?

Reviews

len2228570

2/5/2019 10:36:40 PM

Need 2000+ words. Instructions - Grammar and turnitin report is mandatory. Install and use Wireshark for opening the pcap files for each situation. Complete a 3-5 page reflection (double spaced) for Situation #1 and a 3-5 page reflection (double spaced) for Situation #2. Given these sample incident reports, write about what you learned, what you have questions about, what you researched as part of this review, and anything else you feel is relevant. Wireshark download link is in attached file.

Write a Review

Required(*) Message

User Account

All Pages