{"id":25262,"date":"2021-07-28T03:29:41","date_gmt":"2021-07-28T03:29:41","guid":{"rendered":"https:\/\/papersspot.com\/blog\/2021\/07\/28\/assignment-detailsyour-individual-project-for-this-unit-has-you-responding-to-management-as-the\/"},"modified":"2021-07-28T03:29:41","modified_gmt":"2021-07-28T03:29:41","slug":"assignment-detailsyour-individual-project-for-this-unit-has-you-responding-to-management-as-the","status":"publish","type":"post","link":"https:\/\/papersspot.com\/blog\/2021\/07\/28\/assignment-detailsyour-individual-project-for-this-unit-has-you-responding-to-management-as-the\/","title":{"rendered":"Assignment DetailsYour individual project for this unit has you responding to management as the"},"content":{"rendered":"<p>Assignment Details <\/p>\n<p>Your individual project for this unit has you responding to management as the IT Team Lead concerning the malware scenario below. <br \/>Scenario: LMJ-Ad corporate management has been informed by the network administrative team that there was a malware attack and infection overnight at the system level, now spreading to the network enterprise level, requiring the incident response team to take immediate action. The infection came from a malware attachment on a phishing email and was reported by a user with a priority trouble ticket. Initial interviews suggest the incident may have come from an internal employee. 
<br \/>Provide the following for your investigative report: <br \/>General Incident Information <\/p>\n<p> Cover Page (Page 1 &#8211; not counted in total page count): <\/p>\n<p> Date: Incident POC Name <br \/>Time: Incident POC Phone <br \/>Time Zone: Incident POC Email <br \/>Initial Identification <br \/>Section 1.0 (Page 1):\u00a0Date, time, and time zone for first detection <br \/> Example: Threat identified 8\/6\/20; 11:34am; ET <br \/>Section 2.0 Impacted Personnel (Page 1):\u00a0List names and contact information for all persons involved in detection and initial investigation <br \/> Example: Mr. John Doe; Incident Response Lead; 555-555-5656; Mrs. Jane Doe; Network Engineer; 556-557-5678 <br \/>Section 3.0 Incident Detection Specifics (Page 1; 2 paragraphs):\u00a0How was the incident detected? <br \/> Example: IDS\/IPS\/HIDS\/NIDS alerts; violation of user behavior baseline; security event threat detection; suspicious network traffic patterns; ransomware or malware alerts from anti-virus\/malware software <br \/>Section 4.0 Threat Identification (Page 2; 2 paragraphs):\u00a0What do you think the threat is? <br \/> Example: Classification of threat is based on type of behavior analyzed either live or via logs, and recovered digital forensics data <br \/>Section 5.0 Infected Resources (Page 3-4; 2-3 paragraphs):\u00a0List of systems and network components involved both at the system and network levels: System 1, 2, 3; Network component A, etc., and infections found <br \/>Example: Lenovo 20L5000; Serial #; IP Address x; infection <br \/>Section 6.0 Digital Evidence (Page 4-5; 2-3 paragraphs):\u00a0Where can supporting evidence be found? 
<br \/>Example: Location of log file, log file types, time stamps, screenshots, IDS reports <br \/>Section 7.0 Tools and Procedures (Page 5-6; 2-3 paragraphs):\u00a0Describe the tools and procedures used for acquiring the media (e.g., disk-to-disk, disk-to-image, sparse copy), thus creating the forensic image of the media for examination. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Assignment Details Your individual project for this unit has you responding to management as the IT Team Lead concerning the malware scenario below. Scenario: LMJ-Ad corporate management has been informed by the network administrative team that there was a malware attack and infection overnight at the system level, now spreading to the network enterprise level, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[36],"class_list":["post-25262","post","type-post","status-publish","format-standard","hentry","category-research-paper-writing","tag-information-technology"],"_links":{"self":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts\/25262","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/comments?post=25262"}],"version-history":[{"count":0,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts\/25262\/revisions"}],"wp:attachment":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/media?parent=25262"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/categories?post=25262"},{"taxonomy":"post_tag","embed
dable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/tags?post=25262"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}