5-2 Discussion: Mindset: Incident Response Procedures, Forensics, and Forensic Analysis

School: Southern New Hampshire University
Course: -510
Subject: Information Systems
Date: Oct 30, 2023
Uploaded by ElderLightning8081

Hello all,

During a system audit, a remote login was identified as an IP address located in North Korea. As our company currently does not have ties to North Korea, we must take next steps as quickly as possible. As a defender of the system, the incident response life cycle should be implemented in order to ensure that all bases are covered when dealing with the attack. The first step is preparation; however, the attacker has already entered the system and we are in the process of detection and analysis. The IP address has been located, allowing network and data administrators to run the IP address and view the log books. This will tell the user what the attacker gained access to, where the attacker is located, and can assist in the next step of containment, eradication, and recovery.

During this process in this case, the IP address would be contained and the attacker would no longer have access into the system, as the defenders, network administrators, would change the user information, including new passwords, login information, and entry ways into the system (NIST, 2012). This assists in containing the attacker and prevents any further damage. This then allows the investigating user of the system to eradicate the attacker by examining where the attacker has been and where the attacker is. Firewall and anti-malware will then be introduced into the system to protect the company and eradicate the attacker.

The next steps that need to be taken are post-incident activity such as documentation and preparation for the next attack. Documentation will highlight what occurred, who was responsible, all parties involved, and the incident that occurred. The information technology team will then meet and review the incident response plan as a precaution for the next event. It is important to learn from the incident; therefore, the information technology team should remain trained and vigilant against attacks both internal and external.

Please see the below image for more information on the incident response life cycle (NIST, 2012).

Reference

NIST. (2012). Computer Security Incident Handling Guide. NIST Technical Series Publications. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

Thank you all!

Best,
Ryan White
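The log review the post describes for detection and analysis, and the credential changes it describes for containment, as an added example that is not part of the original post: the script scopes one flagged address in sshd-style logs and lists the accounts to reset. The log format (OpenSSH syslog lines), the function name `scope_ip`, the host and account names, and the placeholder address 203.0.113.45 are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH sshd syslog format (not from the post).
# 203.0.113.45 stands in for the flagged address; every value is made up.
SAMPLE_LOG = """\
Oct 29 02:11:07 web01 sshd[4121]: Failed password for jsmith from 203.0.113.45 port 50122 ssh2
Oct 29 02:11:15 web01 sshd[4121]: Failed password for invalid user admin from 203.0.113.45 port 50124 ssh2
Oct 29 02:12:40 web01 sshd[4130]: Accepted password for jsmith from 203.0.113.45 port 50131 ssh2
Oct 29 08:30:02 web01 sshd[4402]: Accepted publickey for deploy from 198.51.100.7 port 40022 ssh2
Oct 29 09:05:19 db01 sshd[977]: Accepted password for jsmith from 198.51.100.23 port 41877 ssh2
Oct 29 23:47:51 db01 sshd[1203]: Accepted password for backup from 203.0.113.45 port 50977 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\ssshd\[\d+\]:\s"
    r"(?P<result>Accepted|Failed)\s\S+\sfor\s(?:invalid user\s)?(?P<user>\S+)\s"
    r"from\s(?P<ip>\S+)\sport\s\d+"
)

def scope_ip(log_text, suspect_ip):
    """Summarise what one source IP did and which accounts need containment."""
    events = [m.groupdict() for m in map(LINE_RE.match, log_text.splitlines()) if m]
    hits = [e for e in events if e["ip"] == suspect_ip]
    accepted = [e for e in hits if e["result"] == "Accepted"]
    reset = sorted({e["user"] for e in accepted})
    # Other addresses that logged in to the same accounts are worth reviewing:
    # a stolen credential may be in use from more than one source.
    other = defaultdict(set)
    for e in events:
        if e["result"] == "Accepted" and e["user"] in reset and e["ip"] != suspect_ip:
            other[e["user"]].add(e["ip"])
    return {
        # first/last seen assume the log is in chronological order
        "first_seen": hits[0]["ts"] if hits else None,
        "last_seen": hits[-1]["ts"] if hits else None,
        "failed_attempts": sum(e["result"] == "Failed" for e in hits),
        "hosts_accessed": sorted({e["host"] for e in accepted}),
        "accounts_to_reset": reset,
        "other_sources": {u: sorted(ips) for u, ips in other.items()},
    }

if __name__ == "__main__":
    for key, value in scope_ip(SAMPLE_LOG, "203.0.113.45").items():
        print(f"{key}: {value}")
```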