#Sales Offer!| Get upto 25% Off:
SAVE25
Log In

Scenario: LMJ-Ad corporate management has been informed by the network administrative team that there was a malware attack and infection overnight at the system level, now spreading to the network enterprise level, requiring the incident response team to take immediate action.

Assignment Details

Your individual project for this unit has you responding to management as the IT Team Lead concerning the malware scenario below.

Scenario: LMJ-Ad corporate management has been informed by the network administrative team that there was a malware attack and infection overnight at the system level, now spreading to the network enterprise level, requiring the incident response team to take immediate action. The infection came from a malware attachment on a phishing email and was reported by a user with a priority trouble ticket. Initial interviews suggest the incident may have come from an internal employee.

Provide the following for your investigative report:

General Incident Information
Cover Page (Page 1 – not counted in total page count):
Date: Incident POC Name

Time: Incident POC Phone

Time Zone: Incident POC Email

Initial Identification

Section 1.0 (Page 1): Date, time, and time zone for first detection
Example: Threat identified 8/6/20; 11:34am; ET

Section 2.0 Impacted Personnel (Page 1): List names and contact information for all persons involved in detection and initial investigation
Example: Mr. John Doe; Incident Response Lead; 555-555-5656; Mrs. Jane Doe; Network Engineer; 556-557-5678

Section 3.0 Incident Detection Specifics (Page 1; 2 paragraphs): How was the incident detected?
Example: IDS/IPS/HIDS/NIDS alerts; Violation of user behavior baseline; security event threat detection; suspicious network traffic patterns; ransomware, or malware alerts from anti-virus/malware software

Section 4.0 Threat Identification (Page 2; 2 paragraphs): What do you think the threat is?
Example: Classification of threat is based on type of behavior analyzed either live or via logs, and recovered digital forensics data

Section 5.0 Infected Resources (Page 3-4; 2-3 paragraphs): List of systems and network components involved both at the system and network levels: System 1, 2, 3; Network component A, etc., and infections found

Example: Lenovo 20L5000; Serial #; IP Address x; infection

Section 6.0 Digital Evidence (Page 4-5; 2-3 paragraphs): Where can supporting evidence be found?

Example: Location of log file, log file types, time stamps, screen shots, IDS reports

Section 7.0 Tools and Procedures (Page 5-6; 2-3 paragraphs): Describe the tools and procedures used for acquiring the media (ex., disk-to-disk, disk to image, sparse copy), thus creating the forensic image of the media for examination.

Provide a name for assignment: For example Pat_Jones_ITDI-372_Unit2.docx.

Click here to order
Share this :

Found something interesting ?

We don't just promise. Here is what we guarantee!

• On-time delivery guarantee
• PhD-level professional writers
• Free Plagiarism Report

• 100% money-back guarantee
• Absolute Privacy & Confidentiality
• High Quality custom-written papers

Order Now

Related Model Questions

Feel free to peruse our college and university model questions. If any our our assignment tasks interests you, click to place your order. Every paper is written by our professional essay writers from scratch to avoid plagiarism. We guarantee highest quality of work besides delivering your paper on time.
Site Logo for EssayBureau.com essay company limited

ESSAYBUREAU.COM

We are your most trusted essay writing company in provision of quality research papers, coursework and assignments

Sitemap

All papers are meant to assist in further research only and attribution must be done to avoid plagiarism.
We Accept Payment of all Cards
A photo of all major card payments accepted by EssayBureau.com
© 2023. EssayBureau.com. All rights reserved!

Grab your Discount!

25% Coupon Code: SAVE25
Order Now
get 25% !!