telecommunication compromise

On a Saturday night, network intrusion detection software records an inbound connection originating
from a watchlist IP address. The intrusion detection analyst determines that the connection is being made
to the organization’s VPN server and contacts the incident response team. The team reviews the intrusion
detection, firewall, and VPN server logs and identifies the user ID that was authenticated for the session
and the name of the user associated with the user ID.
The following are additional questions for this scenario:
1. What should the team’s next step be (e.g., calling the user at home, disabling the user ID,
disconnecting the VPN session)? Why should this step be performed first? What step should be
performed second?
2. How would the handling of this incident differ if the external IP address belonged to an open
proxy?
3. How would the handling of this incident differ if the ID had been used to initiate VPN
connections from several external IP addresses without the knowledge of the user?
4. Suppose that the identified user’s computer had become compromised by a game containing a
Trojan horse that was downloaded by a family member. How would this affect the team’s
analysis of the incident? How would this affect evidence gathering and handling? What should
the team do in terms of eradicating the incident from the user’s computer?
5. Suppose that the user installed antivirus software and determined that the Trojan horse had
included a keystroke logger. How would this affect the handling of the incident? How would this
affect the handling of the incident if the user were a system administrator? How would this affect
the handling of the incident if the user were a high-ranking executive in the organization?

This is the format I want

Table of Contents

Introduction

Roles:

Training:

Incidents:

Incident response:

Incident response plan:

Incident Notification:

Reporting/tracking:

Procedures:

Risk:

Preparation

Detection and Analysis:

Containment:

Recovery:

Conclusion:
