What tools would you use to contain from the incident

Assignment Help Other Subject

Reference no: EM132348229

Assignment: Select ONE of the following security incidents and provide the following information:

1. A SQL Injection was performed by a hacker, resulting in the loss of PII data.

2. You have discovered a covert leak (exfiltration) of sensitive data to China.

3. Malcious code or malware was reported on multiple users' systems.

4. Remote access for an internal user was compromised - resulting in the loss of PII data.

5. Wireless access. You discovered an "evil twin" access point that resulted in many of your users connecting to the hacker's access point while working with sensitive data.

6. Compromised passwords. You discovered that an attacker used rainbow tables to attack your domain's password file in an offline attack. Assume that all of your user's passwords are compromised.

7. A DoS or DDoS was performed against your system, resulting in the loss of 3 hours of downtime and lost revenue.

Paragraph 1: IRT Team. What would the IRT team look like for this incident (who would be on the team to be able to effectively handle the event)? Justify your choices.

Paragraph 2: Approach. Address HOW you would respond. What logs or tools would you use to identify/analyze the incident? What would alert you to the incident? What tools would you use to contain/recover from the incident?

Paragraph 3: Metrics. Who would you measure your team's response effectivenss? What measurements/metrics would you track?

For your response to 2 other learners this week, I'm only giving points if you provide a critical review of 2 other posts and include a recommendation for them to improve their post. No points for "adding points" that don't relate to that student's post.

Reference no: EM132348229

Questions Cloud

Assessment of stakeholder interaction effectiveness : Explain how organisational policies and procedures affect the assessment of stakeholder interaction effectiveness

Share evolving stakeholder interests : Give an example of how you could share evolving stakeholder interests and expectations across the program.

Evaluating the company environment and current position : For this assignment, select a publicly traded company, your place of employment, or an organization you are familiar with. According to the CTO, strategic.

What would you do as a project manager to ensure : What would you do as a project manager to ensure you have the information, process, WBS, and GANTT Chart done expeditiously?

What tools would you use to contain from the incident : Approach. Address HOW you would respond. What logs or tools would you use to identify/analyze the incident? What would alert you to the incident?

Prepare Presentation for the Virtual Capstone Defense : You will create a Power-Point Presentation of 10-20 slides for the Virtual Capstone Defense. You will also need to include your Speaker Notes in Presentation

Develop a use-case description for each major use case : Develop a use-case description for each major use case. Create a high-level requirements document which captures the major functions of the system.

What are the techniques currently used to build models : How is the model-based policy design different from intuitive policy making? What are the techniques currently used to build models?

Explain human resource management process : Explain human resource management process, its role in supporting overall organizational strategies and various functions involved in human resource management.

User Account

All Pages