telecommunication compromise


On a Saturday night, network intrusion detection software records an inbound connection originating
from a watchlist IP address. The intrusion detection analyst determines that the connection is being made
to the organization’s VPN server and contacts the incident response team. The team reviews the intrusion
detection, firewall, and VPN server logs and identifies the user ID that was authenticated for the session
and the name of the user associated with the user ID.
The following are additional questions for this scenario:
1. What should the team’s next step be (e.g., calling the user at home, disabling the user ID,
disconnecting the VPN session)? Why should this step be performed first? What step should be
performed second?
2. How would the handling of this incident differ if the external IP address belonged to an open
proxy?
3. How would the handling of this incident differ if the ID had been used to initiate VPN
connections from several external IP addresses without the knowledge of the user?
4. Suppose that the identified user’s computer had become compromised by a game containing a
Trojan horse that was downloaded by a family member. How would this affect the team’s
analysis of the incident? How would this affect evidence gathering and handling? What should
the team do in terms of eradicating the incident from the user’s computer?
5. Suppose that the user installed antivirus software and determined that the Trojan horse had
included a keystroke logger. How would this affect the handling of the incident? How would this
affect the handling of the incident if the user were a system administrator? How would this affect
the handling of the incident if the user were a high-ranking executive in the organization?
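
The log review in the scenario and the several-source-address case in question 3 can be sketched as a small triage script. This is an added example, not part of the original assignment text. The watchlist range, log layout, user IDs and addresses are constructed assumptions and do not match any real VPN product.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: the watchlist range and the VPN log layout
# (timestamp, event, user=, src=, session=) are assumptions for illustration.
WATCHLIST = ["203.0.113.0/24"]
VPN_LOG = """\
2024-03-09T22:14:07Z AUTH_OK user=jdoe src=203.0.113.45 session=9f1c
2024-03-09T22:20:31Z AUTH_OK user=asmith src=198.51.100.7 session=9f1d
2024-03-09T22:41:02Z AUTH_FAIL user=jdoe src=192.0.2.88 session=-
2024-03-09T23:05:55Z AUTH_OK user=jdoe src=192.0.2.88 session=9f20
"""

def parse(line):
    """Split one log line into a dict; return None for malformed lines."""
    parts = line.split()
    if len(parts) < 3:
        return None
    rec = {"time": parts[0], "event": parts[1]}
    for field in parts[2:]:
        key, sep, value = field.partition("=")
        if sep:
            rec[key] = value
    return rec if {"user", "src"} <= rec.keys() else None

def triage(log_text, watchlist):
    """Return (sessions from watchlist addresses, user IDs seen from >1 address)."""
    nets = [ipaddress.ip_network(n) for n in watchlist]
    hits, sources = [], defaultdict(set)
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None or rec["event"] != "AUTH_OK":
            continue  # only successful authentications create sessions
        try:
            addr = ipaddress.ip_address(rec["src"])
        except ValueError:
            continue  # skip records with an unparseable source address
        sources[rec["user"]].add(str(addr))
        if any(addr in net for net in nets):
            hits.append((rec["user"], rec["src"], rec.get("session")))
    multi = {u: sorted(s) for u, s in sources.items() if len(s) > 1}
    return hits, multi

if __name__ == "__main__":
    hits, multi = triage(VPN_LOG, WATCHLIST)
    print("Sessions from watchlist addresses:", hits)
    print("User IDs authenticated from several addresses:", multi)
```
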

This is the format I want

Table of Contents

Introduction

Roles

Training

Incidents

Incident response

Incident response plan

Incident notification

Reporting/tracking

Procedures

Risk

Preparation

Detection and analysis

Containment

Recovery

Conclusion
