For Part A of Project #1, you will complete the Incident Response Form (use the template found at the end of the assignment description file). Use the information provided in the assignment file and in Weeks 1-4 in the classroom. Consult the “Notes to Students” (in the assignment description file) for additional directions regarding completion of this assignment.




Your submission file containing the completed form must be in MS Word format (.docx or .doc). You do NOT need to submit this file to Turn It In.




The assignment description file for Project 1 (both parts) is attached to this assignment entry. The same assignment description file is attached to the Project #1 Part A assignment entry.




Attach your Project #1 Part B: Summary Report in MS Word format (.docx or .doc) for grading. This file must also be submitted to Turn It In.




For this part of Project #1, you will complete and submit a Summary Report in narrative format. Your report should have four major sections. The major sections are:

  • Introduction
  • Analysis of the Incident (summarize what you know about the red team’s activities / the resulting security incidents using the information provided in the classroom and in this file)
  • Lessons Learned (what went wrong in the incident response process, what did not happen that should have happened)
  • Recommendations (what needs to change, who should take actions, what actions must be taken to improve the incident response capability)

Please review the rubric for this report before submitting your work for grading.

Answered 2 days after Dec 06, 2022


Aditi answered on Dec 09 2022
32 Votes
Sifers-Grayson Cybersecurity Incident Report Form
CSIA 310
SIFERS-GRAYSON CYBERSECURITY INCIDENT REPORT FORM
1. Contact Information for the Incident Reporter and Handler
· Name:
· Role: Cyber Incident Response Team Lead
· Organizational unit: Engineering Department / Sifers - Grayson
· Email address: [email protected]
· Phone number: (502) 234-5555
· Location: 1555 Pine Knob Trail, Pine Knob, KY 42741
2. Incident Details
· Status change date/timestamps: It is yet unknown when the onslaught will begin. Certain computer systems become slow-moving as a result of the enormous volume of traffic over the network. Red flags were also raised by the occurrence when drone operation equipment was lost.
· Physical location of the incident: Pine Knob, KY
· Current status of the incident: The attack has ended.
· Source/cause of the incident: The R&D center's IP address 10.10.135.0/24 served as the attack's origin. The servers were breached via an unsecured data connection to a business network that merely had a firewall installed and that was not set up to send out notifications in the event of any failures or problems.
· Description of the incident: When the network stopped working owing to heavy traffic, the assault was discovered. Suspicious emails that appear to be coming from the company. Unusual password behavior brought on by compromised logins. The proof came from the log data from a server that was running Task Manager.
· Description of affected resources: The R&D Center server was hacked (IP Address 10.10.135.0/24) and all documentation and source code for the AX10 Drone System were stolen. When keylogging software was left unattended, 20% of worker USB key logins were compromised. The test range's network (IP Address 10.10.145.0/24) has already been compromised. Once an infected PROM (malware) was installed on the AX10 drone prior to flight and flown from the stated testing site, the drone was declared "stolen." A corporate headquarters workstation (IP Address 10.10.100.0/24) has been used to send "phishing" emails utilizing credentials collected. And over 1500 external receivers' emails & IP addresses were lost as...