SlideShare a Scribd company logo

You are a network analyst on the fly-away team for the FBIs cyberse.docx

Download as DOCX, PDF
A
adampcarr67227

You are a network analyst on the fly-away team for the FBI's cybersecurity sector engagement division. You've been deployed several times to financial institutions to examine their networks after cyberattacks, ranging from intrusions and data exfiltration to distributed denial of services to their network supporting customer transaction websites. A representative from the Financial Services Information Sharing and Analysis Center, FS-ISAC, met with your boss, the chief net defense liaison to the financial services sector, about recent reports of intrusions into the networks of banks and their consortium. He's provided some of the details of the reports in an email. "Millions of files were compromised, and financial officials want to know who entered the networks and what happened to the information. At the same time, the FS-ISAC has seen extensive distributed denial of service disrupting the bank's networks, impacting the customer websites, and blocking millions of dollars of potential transactions," his email reads. You realize that the impact from these attacks could cause the downfall of many banks and ultimately create a strain on the US economy. In the email, your chief asks you to travel to one of the banks and using your suite of network monitoring and intrusion detection tools, produce two documents—a report to the FBI and FS-ISAC that contains the information you observed on the network and a joint network defense bulletin to all the banks in the FS-ISAC consortium, recommending prevention methods and remediation against the types of malicious traffic activity that they may face or are facing. Network traffic analysis and monitoring help to distinguish legitimate traffic from malicious traffic. Network administrators must protect networks from intrusions. This can be done using tools and techniques that use past traffic data to determine what should be allowed and what should be blocked. In the face of constantly evolving threats to networks, network administrators must ensure their intrusion detection and prevention systems are able to analyze, monitor, and even prevent these advanced threats. In this project, you will research network intrusion and prevention systems and understand their use in a network environment. You will also use monitoring and analysis technologies in the Workspace to compile a Malicious Network Activity Report for financial institutions and a Joint Network Defense Bulletin for a financial services consortium. The following are the deliverables for this project: Deliverables •Malicious Network Activity Report: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. •Joint Network Defense Bulletin: A one- to two-page double-spaced document. Step 1: Create a Network Architecture Overview You travel to the various bank locations and gain access to their networks. However, yo.

Education
1 of 16
You are a network analyst on the fly-away team for the FBI's cybersecurity sector engagement division. You've been deployed several times to financial institutions to examine their networks after cyberattacks, ranging from intrusions and data exfiltration to distributed denial of services to their network supporting customer transaction websites. A representative from the Financial Services Information Sharing and Analysis Center, FS-ISAC, met with your boss, the chief net defense liaison to the financial services sector, about recent reports of intrusions into the networks of banks and their consortium. He's provided some of the details of the reports in an email. "Millions of files were compromised, and financial officials want to know who entered the networks and what happened to the information. At the same time, the FS-ISAC has seen extensive distributed denial of service disrupting the bank's networks, impacting the customer websites, and blocking millions of dollars of potential transactions," his email reads. You realize that the impact from these attacks could cause the downfall of many banks and ultimately create a strain on the US economy. In the email, your chief asks you to travel to one of the banks and using your suite of network monitoring and intrusion detection tools, produce two documents—a report to the FBI and FS-ISAC that contains the information you observed on the network and a joint network defense bulletin to all the banks in the FS-ISAC consortium, recommending
prevention methods and remediation against the types of malicious traffic activity that they may face or are facing. Network traffic analysis and monitoring help to distinguish legitimate traffic from malicious traffic. Network administrators must protect networks from intrusions. This can be done using tools and techniques that use past traffic data to determine what should be allowed and what should be blocked. In the face of constantly evolving threats to networks, network administrators must ensure their intrusion detection and prevention systems are able to analyze, monitor, and even prevent these advanced threats. In this project, you will research network intrusion and prevention systems and understand their use in a network environment. You will also use monitoring and analysis technologies in the Workspace to compile a Malicious Network Activity Report for financial institutions and a Joint Network Defense Bulletin for a financial services consortium. The following are the deliverables for this project:
Deliverables •Malicious Network Activity Report: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. •Joint Network Defense Bulletin: A one- to two-page double- spaced document. Step 1: Create a Network Architecture Overview You travel to the various bank locations and gain access to their networks. However, you must first understand the network architecture of these banks. Provide a network architecture overview along with diagrams. Your overview can be fictitious or based on an actual organization. The goal is to provide an understanding of the network architecture.
Describe the various data transmission components. Select the links below to review them: 1.User Datagram Protocol (UDP) 2.Transmission Control Protocol/Internet Protocol (TCP/IP) 3.Internet packets 4.IP address schemes 5.well-known ports and applications Address the meaning and relevance of information, such as: a.The sender or source that transmits a message b.The encoder used to code messages
c.The medium or channel that carries the message d.The decoding mechanisms used e.The receiver or destination of the messages Describe: a.The intrusion detection system (IDS) b.The intrusion prevention system (IPS) c.The firewalls that have been established d.The link between the operating systems, the software, and hardware components in the network, firewall, and IDS that make up the network defense implementation of the banks’ networks. Identify:
a.How banks use firewalls b.How banks use IDSs c.The difference between these technologies Include: a.The network infrastructure information b.The IP address schemes that will involve the IP addressing assignment model c.The public and private addressing and address allocations d.Identify potential risks in setting up the IP addressing scheme Here are some resources to review: •Intrusion detection & prevention (IDS/IPS) systems
•Firewalls Identify: a.Any well-known ports and applications that are used b.The risks associated with those ports and applications being identified and possibly targeted Add your overview to your report. In the next step, you will identify network attacks and ways to monitor systems to prevent these attacks. Step 2: Identify Network Attacks
In the previous step, you provided an overview of the network architecture. In this step, you will identify possible cyberattacks such as spoofing/cache poisoning, session hijacking, and man- in-the-middle attacks. Provide techniques for monitoring these attacks using knowledge acquired in the previous step. Review the following resources to gain a better understanding of these particular cyberattacks: •Session hijacking: spoofing/cache poisoning attacks •Man-in-the-middle attacks One way to monitor and learn about malicious activities on a network is to create honeypots. Propose a honeypot environment to lure hackers to the network and include the following in your proposal: a.Describe a honeypot.
b.Explain how a honeypot environment is set up. c.Explain the security and protection mechanisms a bank would need for a honeypot. d.Discuss some network traffic indicators that will tell you that your honeypot trap is working. Include this information in your final report. However, do not include this information in the bulletin to prevent hackers from being alerted about these defenses. Then, continue to the next step, where you will identify false negatives and positives. Step 3: Identify False Negatives and False Positives You just identified possible information security attacks. Now, identify the risks to network traffic analysis and remediation.
Review the resources on false positives and false negatives and discuss the following: a.Identify what are false positives and false negatives. b.How are false positives and false negatives determined? c.How are false positives and false negatives tested? d.Which is riskier to the health of the network, a false positive or a false negative? Describe your analysis about testing for false negatives and false positives using tools such as IDSs and firewalls, and include this as recommendations for the banks in your public service Joint Network Defense Bulletin. Discuss the concept of performing statistical analysis of false positives and false negatives.
Explain how banks can reduce these issues. Research possible ways to reduce these events and include this information as recommendations in the Malicious Network Activity Report. Network intrusion analysis is often done with a tool such as Snort. Snort is a free and open-source intrusion detection/prevention system program. It is used for detecting and preventing malicious traffic and attacks on networks, analysis, and education. Such identification can be used to design signatures for the IDS, as well as to program the IDS to block this known bad traffic. Network traffic analysis is often done using tools such as Wireshark. Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development and education. Cybersecurity professionals must know how to perform network forensics analysis.
In the next step, you will analyze network traffic. Step 5: Determine Sensitivity of Your Analysis In the previous step, you completed network analysis. In this step, you will determine which information to include in which document. Information appropriate for internal consumption may not be appropriate for public consumption. The Joint Network Defense Bulletin may alert criminals of the network defense strategy. Therefore, be careful about what you include in this bulletin. Once you have assessed the sensitivity of the information, include appropriate information in your Malicious Network Activity Report. Then, include appropriate information in the Joint Network
Defense Bulletin in a way that educates the financial services consortium of the threat and the mitigating activities necessary to protect against that threat. Step 6: Explain Other Detection Tools and Techniques In the previous step, you included appropriate information in the proper document. In this step, perform independent research and briefly discuss what other tools and techniques may be used to detect these signatures. Provide enough detail so that a bank network administrator could follow your explanation to deploy your system in production. Include this information in the Joint Network Defense Bulletin. Next, move to the next step, where you will organize and complete your report. Step 7: Complete Malicious Network Activity Report
Now that you have gathered all the data for your Malicious Network Activity Report, it is time to organize and submit it. The following is a suggested outline: 1.Introduction: Describe the banking institution and the issue you will be examining. 2.Overview of the Network Architecture 3.Network Attacks 4.Network Traffic Analysis and Results 5.Other Detection Tools and Techniques 6.Recommended Remediation Strategies Submit your report to the Assignments folder. You are now ready for the final step, the Joint Network Defense Bulletin. Step 8: Create the Joint Network Defense Bulletin
In this step, you will create the Joint Network Defense Bulletin. Compile the information you have gathered, taking care to eliminate any sensitive bank-specific information. The Joint Network Defense Bulletin is an educational document for the financial services consortium. This bulletin should be addressed to the FBI chief and the FS-ISAC representative. Here is a list of the final deliverables for Project 2. Deliverables •Malicious Network Activity Report: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
•Joint Network Defense Bulletin: A one- to two-page double- spaced document.

Recommended

Project 4 Threat Analysis and ExploitationTranscript (backgroun.docx
Project 4 Threat Analysis and ExploitationTranscript (backgroun.docxProject 4 Threat Analysis and ExploitationTranscript (backgroun.docx
Project 4 Threat Analysis and ExploitationTranscript (backgroun.docxstilliegeorgiana
 
Cst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.comCst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.comamaranthbeg113
 
Cst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comCst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comamaranthbeg53
 
Cst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.comCst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.comamaranthbeg73
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident responsepersons20ar
 
Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Laura Arrigo
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise21CT Inc.
 
IRJET- Phishdect & Mitigator: SDN based Phishing Attack Detection
IRJET- Phishdect & Mitigator: SDN based Phishing Attack DetectionIRJET- Phishdect & Mitigator: SDN based Phishing Attack Detection
IRJET- Phishdect & Mitigator: SDN based Phishing Attack DetectionIRJET Journal
 

Recommended

Project 4 Threat Analysis and ExploitationTranscript (backgroun.docx
Project 4 Threat Analysis and ExploitationTranscript (backgroun.docxProject 4 Threat Analysis and ExploitationTranscript (backgroun.docx
Project 4 Threat Analysis and ExploitationTranscript (backgroun.docxstilliegeorgiana
 
Cst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.comCst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.comamaranthbeg113
 
Cst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comCst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comamaranthbeg53
 
Cst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.comCst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.comamaranthbeg73
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident responsepersons20ar
 
Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Laura Arrigo
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise21CT Inc.
 
IRJET- Phishdect & Mitigator: SDN based Phishing Attack Detection
IRJET- Phishdect & Mitigator: SDN based Phishing Attack DetectionIRJET- Phishdect & Mitigator: SDN based Phishing Attack Detection
IRJET- Phishdect & Mitigator: SDN based Phishing Attack DetectionIRJET Journal
 
Cyber Threat Prediction using ML
Cyber Threat Prediction using MLCyber Threat Prediction using ML
Cyber Threat Prediction using MLIRJET Journal
 
RAMNSS_2016_service_porfolio
RAMNSS_2016_service_porfolioRAMNSS_2016_service_porfolio
RAMNSS_2016_service_porfolioRhys A. Mossom
 
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...IRJET Journal
 
IRJET- Wireless LAN Intrusion Detection and Prevention System for Malicious A...
IRJET- Wireless LAN Intrusion Detection and Prevention System for Malicious A...IRJET- Wireless LAN Intrusion Detection and Prevention System for Malicious A...
IRJET- Wireless LAN Intrusion Detection and Prevention System for Malicious A...IRJET Journal
 
Sec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comSec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comBaileya109
 
Deliverables Step-12 SLA 3-5 pages
Deliverables Step-12 SLA 3-5 pages Deliverables Step-12 SLA 3-5 pages
Deliverables Step-12 SLA 3-5 pages LinaCovington707
 
here has been an increase in the number of cybersecurity incident re.docx
here has been an increase in the number of cybersecurity incident re.docxhere has been an increase in the number of cybersecurity incident re.docx
here has been an increase in the number of cybersecurity incident re.docxsimonithomas47935
 
Sec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comSec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comrobertlesew79
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident responsepersons20ar
 
ResearchProjectComplete
ResearchProjectCompleteResearchProjectComplete
ResearchProjectCompletedannyboi17
 
Client Honeypot Based Drive by Download Exploit Detection and their Categoriz...
Client Honeypot Based Drive by Download Exploit Detection and their Categoriz...Client Honeypot Based Drive by Download Exploit Detection and their Categoriz...
Client Honeypot Based Drive by Download Exploit Detection and their Categoriz...IJERA Editor
 
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxronnasleightholm
 
Sec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.comSec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.comHarrisGeorg69
 
SEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.comSEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.comBromleyz38
 
ISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docxISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docxchristiandean12115
 
Malvin proposal
Malvin proposalMalvin proposal
Malvin proposalmalvin kamba
 
MEMO[date][Your name and course numbersection][
MEMO[date][Your name and course numbersection][MEMO[date][Your name and course numbersection][
MEMO[date][Your name and course numbersection][AbramMartino96
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident responsepersons20ar
 
cybersecurity_alert_feb_12_2015
cybersecurity_alert_feb_12_2015cybersecurity_alert_feb_12_2015
cybersecurity_alert_feb_12_2015Paul Ferrillo
 
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...IRJET Journal
 
You are a project manager and believe that your initiative would be .docx
You are a project manager and believe that your initiative would be .docxYou are a project manager and believe that your initiative would be .docx
You are a project manager and believe that your initiative would be .docxadampcarr67227
 
You are a project manager at a food agricultural organization and yo.docx
You are a project manager at a food agricultural organization and yo.docxYou are a project manager at a food agricultural organization and yo.docx
You are a project manager at a food agricultural organization and yo.docxadampcarr67227
 

More Related Content

Similar to You are a network analyst on the fly-away team for the FBIs cyberse.docx

Cyber Threat Prediction using ML
Cyber Threat Prediction using MLCyber Threat Prediction using ML
Cyber Threat Prediction using MLIRJET Journal
 
RAMNSS_2016_service_porfolio
RAMNSS_2016_service_porfolioRAMNSS_2016_service_porfolio
RAMNSS_2016_service_porfolioRhys A. Mossom
 
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...IRJET Journal
 
IRJET- Wireless LAN Intrusion Detection and Prevention System for Malicious A...
IRJET- Wireless LAN Intrusion Detection and Prevention System for Malicious A...IRJET- Wireless LAN Intrusion Detection and Prevention System for Malicious A...
IRJET- Wireless LAN Intrusion Detection and Prevention System for Malicious A...IRJET Journal
 
Sec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comSec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comBaileya109
 
Deliverables Step-12 SLA 3-5 pages
Deliverables Step-12 SLA 3-5 pages Deliverables Step-12 SLA 3-5 pages
Deliverables Step-12 SLA 3-5 pages LinaCovington707
 
here has been an increase in the number of cybersecurity incident re.docx
here has been an increase in the number of cybersecurity incident re.docxhere has been an increase in the number of cybersecurity incident re.docx
here has been an increase in the number of cybersecurity incident re.docxsimonithomas47935
 
Sec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comSec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comrobertlesew79
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident responsepersons20ar
 
ResearchProjectComplete
ResearchProjectCompleteResearchProjectComplete
ResearchProjectCompletedannyboi17
 
Client Honeypot Based Drive by Download Exploit Detection and their Categoriz...
Client Honeypot Based Drive by Download Exploit Detection and their Categoriz...Client Honeypot Based Drive by Download Exploit Detection and their Categoriz...
Client Honeypot Based Drive by Download Exploit Detection and their Categoriz...IJERA Editor
 
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxronnasleightholm
 
Sec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.comSec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.comHarrisGeorg69
 
SEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.comSEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.comBromleyz38
 
ISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docxISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docxchristiandean12115
 
MEMO[date][Your name and course numbersection][
MEMO[date][Your name and course numbersection][MEMO[date][Your name and course numbersection][
MEMO[date][Your name and course numbersection][AbramMartino96
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident responsepersons20ar
 
cybersecurity_alert_feb_12_2015
cybersecurity_alert_feb_12_2015cybersecurity_alert_feb_12_2015
cybersecurity_alert_feb_12_2015Paul Ferrillo
 
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...IRJET Journal
 

Similar to You are a network analyst on the fly-away team for the FBIs cyberse.docx (20)

Cyber Threat Prediction using ML
Cyber Threat Prediction using MLCyber Threat Prediction using ML
Cyber Threat Prediction using ML
 
RAMNSS_2016_service_porfolio
RAMNSS_2016_service_porfolioRAMNSS_2016_service_porfolio
RAMNSS_2016_service_porfolio
 
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...
IRJET- Sky Shield: A Sketch-Based Defense System against Application Laye...
 
IRJET- Wireless LAN Intrusion Detection and Prevention System for Malicious A...
IRJET- Wireless LAN Intrusion Detection and Prevention System for Malicious A...IRJET- Wireless LAN Intrusion Detection and Prevention System for Malicious A...
IRJET- Wireless LAN Intrusion Detection and Prevention System for Malicious A...
 
Sec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comSec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.com
 
Deliverables Step-12 SLA 3-5 pages
Deliverables Step-12 SLA 3-5 pages Deliverables Step-12 SLA 3-5 pages
Deliverables Step-12 SLA 3-5 pages
 
here has been an increase in the number of cybersecurity incident re.docx
here has been an increase in the number of cybersecurity incident re.docxhere has been an increase in the number of cybersecurity incident re.docx
here has been an increase in the number of cybersecurity incident re.docx
 
Sec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comSec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.com
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident response
 
ResearchProjectComplete
ResearchProjectCompleteResearchProjectComplete
ResearchProjectComplete
 
Client Honeypot Based Drive by Download Exploit Detection and their Categoriz...
Client Honeypot Based Drive by Download Exploit Detection and their Categoriz...Client Honeypot Based Drive by Download Exploit Detection and their Categoriz...
Client Honeypot Based Drive by Download Exploit Detection and their Categoriz...
 
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
 
Sec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.comSec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.com
 
SEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.comSEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.com
 
ISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docxISE 620 Final Project Guidelines and Rubric Overview .docx
ISE 620 Final Project Guidelines and Rubric Overview .docx
 
Malvin proposal
Malvin proposalMalvin proposal
Malvin proposal
 
MEMO[date][Your name and course numbersection][
MEMO[date][Your name and course numbersection][MEMO[date][Your name and course numbersection][
MEMO[date][Your name and course numbersection][
 
Cst 630 project 2 incident response
Cst 630 project 2 incident responseCst 630 project 2 incident response
Cst 630 project 2 incident response
 
cybersecurity_alert_feb_12_2015
cybersecurity_alert_feb_12_2015cybersecurity_alert_feb_12_2015
cybersecurity_alert_feb_12_2015
 
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
 

More from adampcarr67227

You are a project manager and believe that your initiative would be .docx
You are a project manager and believe that your initiative would be .docxYou are a project manager and believe that your initiative would be .docx
You are a project manager and believe that your initiative would be .docxadampcarr67227
 
You are a project manager at a food agricultural organization and yo.docx
You are a project manager at a food agricultural organization and yo.docxYou are a project manager at a food agricultural organization and yo.docx
You are a project manager at a food agricultural organization and yo.docxadampcarr67227
 
You are a nursing educator and you are given an assignment to teach .docx
You are a nursing educator and you are given an assignment to teach .docxYou are a nursing educator and you are given an assignment to teach .docx
You are a nursing educator and you are given an assignment to teach .docxadampcarr67227
 
You are a paralegal working at law office of James Adams, Esq. On No.docx
You are a paralegal working at law office of James Adams, Esq. On No.docxYou are a paralegal working at law office of James Adams, Esq. On No.docx
You are a paralegal working at law office of James Adams, Esq. On No.docxadampcarr67227
 
you are a paralegal working at the law office of Smith & Smith. The .docx
you are a paralegal working at the law office of Smith & Smith. The .docxyou are a paralegal working at the law office of Smith & Smith. The .docx
you are a paralegal working at the law office of Smith & Smith. The .docxadampcarr67227
 
You are a police officer who has been selected to participate in a p.docx
You are a police officer who has been selected to participate in a p.docxYou are a police officer who has been selected to participate in a p.docx
You are a police officer who has been selected to participate in a p.docxadampcarr67227
 
You are a newly-minted, tax-paying and law-abiding, permanent res.docx
You are a newly-minted, tax-paying and law-abiding, permanent res.docxYou are a newly-minted, tax-paying and law-abiding, permanent res.docx
You are a newly-minted, tax-paying and law-abiding, permanent res.docxadampcarr67227
 
You are a new university police chief in a medium-sized city, an.docx
You are a new university police chief in a medium-sized city, an.docxYou are a new university police chief in a medium-sized city, an.docx
You are a new university police chief in a medium-sized city, an.docxadampcarr67227
 
You are a native speaker of French living in a mainly English speaki.docx
You are a native speaker of French living in a mainly English speaki.docxYou are a native speaker of French living in a mainly English speaki.docx
You are a native speaker of French living in a mainly English speaki.docxadampcarr67227
 
You are a new high school teacher, and have been captured at the end.docx
You are a new high school teacher, and have been captured at the end.docxYou are a new high school teacher, and have been captured at the end.docx
You are a new high school teacher, and have been captured at the end.docxadampcarr67227
 
You are a member of the Human Resource Department of a medium-sized .docx
You are a member of the Human Resource Department of a medium-sized .docxYou are a member of the Human Resource Department of a medium-sized .docx
You are a member of the Human Resource Department of a medium-sized .docxadampcarr67227
 
You are a member of the senior management staff at XYZ Corporation. .docx
You are a member of the senior management staff at XYZ Corporation. .docxYou are a member of the senior management staff at XYZ Corporation. .docx
You are a member of the senior management staff at XYZ Corporation. .docxadampcarr67227
 
You are a member of the senior hospital administration. You become a.docx
You are a member of the senior hospital administration. You become a.docxYou are a member of the senior hospital administration. You become a.docx
You are a member of the senior hospital administration. You become a.docxadampcarr67227
 
YOU ARE A MEMBER OF THE SENIOR HOSPITAL ADMINISTRATI.docx
YOU ARE A MEMBER OF THE SENIOR HOSPITAL ADMINISTRATI.docxYOU ARE A MEMBER OF THE SENIOR HOSPITAL ADMINISTRATI.docx
YOU ARE A MEMBER OF THE SENIOR HOSPITAL ADMINISTRATI.docxadampcarr67227
 
You are a member of the Human Resource Department of a medium-si.docx
You are a member of the Human Resource Department of a medium-si.docxYou are a member of the Human Resource Department of a medium-si.docx
You are a member of the Human Resource Department of a medium-si.docxadampcarr67227
 
You are a member of the American Indian tribe. Think about how your .docx
You are a member of the American Indian tribe. Think about how your .docxYou are a member of the American Indian tribe. Think about how your .docx
You are a member of the American Indian tribe. Think about how your .docxadampcarr67227
 
You are a juvenile justice consultant creating a proposal that w.docx
You are a juvenile justice consultant creating a proposal that w.docxYou are a juvenile justice consultant creating a proposal that w.docx
You are a juvenile justice consultant creating a proposal that w.docxadampcarr67227
 
You are a journalist and you have been sent off to write a story abo.docx
You are a journalist and you have been sent off to write a story abo.docxYou are a journalist and you have been sent off to write a story abo.docx
You are a journalist and you have been sent off to write a story abo.docxadampcarr67227
 
You are a juvenile court probation officer. You have a choice of.docx
You are a juvenile court probation officer. You have a choice of.docxYou are a juvenile court probation officer. You have a choice of.docx
You are a juvenile court probation officer. You have a choice of.docxadampcarr67227
 
You are a human services professional working for a community-based .docx
You are a human services professional working for a community-based .docxYou are a human services professional working for a community-based .docx
You are a human services professional working for a community-based .docxadampcarr67227
 

More from adampcarr67227 (20)

You are a project manager and believe that your initiative would be .docx
You are a project manager and believe that your initiative would be .docxYou are a project manager and believe that your initiative would be .docx
You are a project manager and believe that your initiative would be .docx
 
You are a project manager at a food agricultural organization and yo.docx
You are a project manager at a food agricultural organization and yo.docxYou are a project manager at a food agricultural organization and yo.docx
You are a project manager at a food agricultural organization and yo.docx
 
You are a nursing educator and you are given an assignment to teach .docx
You are a nursing educator and you are given an assignment to teach .docxYou are a nursing educator and you are given an assignment to teach .docx
You are a nursing educator and you are given an assignment to teach .docx
 
You are a paralegal working at law office of James Adams, Esq. On No.docx
You are a paralegal working at law office of James Adams, Esq. On No.docxYou are a paralegal working at law office of James Adams, Esq. On No.docx
You are a paralegal working at law office of James Adams, Esq. On No.docx
 
you are a paralegal working at the law office of Smith & Smith. The .docx
you are a paralegal working at the law office of Smith & Smith. The .docxyou are a paralegal working at the law office of Smith & Smith. The .docx
you are a paralegal working at the law office of Smith & Smith. The .docx
 
You are a police officer who has been selected to participate in a p.docx
You are a police officer who has been selected to participate in a p.docxYou are a police officer who has been selected to participate in a p.docx
You are a police officer who has been selected to participate in a p.docx
 
You are a newly-minted, tax-paying and law-abiding, permanent res.docx
You are a newly-minted, tax-paying and law-abiding, permanent res.docxYou are a newly-minted, tax-paying and law-abiding, permanent res.docx
You are a newly-minted, tax-paying and law-abiding, permanent res.docx
 
You are a new university police chief in a medium-sized city, an.docx
You are a new university police chief in a medium-sized city, an.docxYou are a new university police chief in a medium-sized city, an.docx
You are a new university police chief in a medium-sized city, an.docx
 
You are a native speaker of French living in a mainly English speaki.docx
You are a native speaker of French living in a mainly English speaki.docxYou are a native speaker of French living in a mainly English speaki.docx
You are a native speaker of French living in a mainly English speaki.docx
 
You are a new high school teacher, and have been captured at the end.docx
You are a new high school teacher, and have been captured at the end.docxYou are a new high school teacher, and have been captured at the end.docx
You are a new high school teacher, and have been captured at the end.docx
 
You are a member of the Human Resource Department of a medium-sized .docx
You are a member of the Human Resource Department of a medium-sized .docxYou are a member of the Human Resource Department of a medium-sized .docx
You are a member of the Human Resource Department of a medium-sized .docx
 
You are a member of the senior management staff at XYZ Corporation. .docx
You are a member of the senior management staff at XYZ Corporation. .docxYou are a member of the senior management staff at XYZ Corporation. .docx
You are a member of the senior management staff at XYZ Corporation. .docx
 
You are a member of the senior hospital administration. You become a.docx
You are a member of the senior hospital administration. You become a.docxYou are a member of the senior hospital administration. You become a.docx
You are a member of the senior hospital administration. You become a.docx
 
YOU ARE A MEMBER OF THE SENIOR HOSPITAL ADMINISTRATI.docx
YOU ARE A MEMBER OF THE SENIOR HOSPITAL ADMINISTRATI.docxYOU ARE A MEMBER OF THE SENIOR HOSPITAL ADMINISTRATI.docx
YOU ARE A MEMBER OF THE SENIOR HOSPITAL ADMINISTRATI.docx
 
You are a member of the Human Resource Department of a medium-si.docx
You are a member of the Human Resource Department of a medium-si.docxYou are a member of the Human Resource Department of a medium-si.docx
You are a member of the Human Resource Department of a medium-si.docx
 
You are a member of the American Indian tribe. Think about how your .docx
You are a member of the American Indian tribe. Think about how your .docxYou are a member of the American Indian tribe. Think about how your .docx
You are a member of the American Indian tribe. Think about how your .docx
 
You are a juvenile justice consultant creating a proposal that w.docx
You are a juvenile justice consultant creating a proposal that w.docxYou are a juvenile justice consultant creating a proposal that w.docx
You are a juvenile justice consultant creating a proposal that w.docx
 
You are a journalist and you have been sent off to write a story abo.docx
You are a journalist and you have been sent off to write a story abo.docxYou are a journalist and you have been sent off to write a story abo.docx
You are a journalist and you have been sent off to write a story abo.docx
 
You are a juvenile court probation officer. You have a choice of.docx
You are a juvenile court probation officer. You have a choice of.docxYou are a juvenile court probation officer. You have a choice of.docx
You are a juvenile court probation officer. You have a choice of.docx
 
You are a human services professional working for a community-based .docx
You are a human services professional working for a community-based .docxYou are a human services professional working for a community-based .docx
You are a human services professional working for a community-based .docx
 

Recently uploaded

Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfakmcokerachita
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...M56BOOKSTORE PRODUCT/SERVICE
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 

Recently uploaded (20)

Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdf
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 

You are a network analyst on the fly-away team for the FBIs cyberse.docx

  • 1. You are a network analyst on the fly-away team for the FBI's cybersecurity sector engagement division. You've been deployed several times to financial institutions to examine their networks after cyberattacks, ranging from intrusions and data exfiltration to distributed denial of services to their network supporting customer transaction websites. A representative from the Financial Services Information Sharing and Analysis Center, FS-ISAC, met with your boss, the chief net defense liaison to the financial services sector, about recent reports of intrusions into the networks of banks and their consortium. He's provided some of the details of the reports in an email. "Millions of files were compromised, and financial officials want to know who entered the networks and what happened to the information. At the same time, the FS-ISAC has seen extensive distributed denial of service disrupting the bank's networks, impacting the customer websites, and blocking millions of dollars of potential transactions," his email reads. You realize that the impact from these attacks could cause the downfall of many banks and ultimately create a strain on the US economy. In the email, your chief asks you to travel to one of the banks and using your suite of network monitoring and intrusion detection tools, produce two documents—a report to the FBI and FS-ISAC that contains the information you observed on the network and a joint network defense bulletin to all the banks in the FS-ISAC consortium, recommending
  • 2. prevention methods and remediation against the types of malicious traffic activity that they may face or are facing. Network traffic analysis and monitoring help to distinguish legitimate traffic from malicious traffic. Network administrators must protect networks from intrusions. This can be done using tools and techniques that use past traffic data to determine what should be allowed and what should be blocked. In the face of constantly evolving threats to networks, network administrators must ensure their intrusion detection and prevention systems are able to analyze, monitor, and even prevent these advanced threats. In this project, you will research network intrusion and prevention systems and understand their use in a network environment. You will also use monitoring and analysis technologies in the Workspace to compile a Malicious Network Activity Report for financial institutions and a Joint Network Defense Bulletin for a financial services consortium. The following are the deliverables for this project:
  • 3. Deliverables •Malicious Network Activity Report: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. •Joint Network Defense Bulletin: A one- to two-page double- spaced document. Step 1: Create a Network Architecture Overview You travel to the various bank locations and gain access to their networks. However, you must first understand the network architecture of these banks. Provide a network architecture overview along with diagrams. Your overview can be fictitious or based on an actual organization. The goal is to provide an understanding of the network architecture.
  • 4. Describe the various data transmission components. Select the links below to review them: 1.User Datagram Protocol (UDP) 2.Transmission Control Protocol/Internet Protocol (TCP/IP) 3.Internet packets 4.IP address schemes 5.well-known ports and applications Address the meaning and relevance of information, such as: a.The sender or source that transmits a message b.The encoder used to code messages
  • 5. c.The medium or channel that carries the message d.The decoding mechanisms used e.The receiver or destination of the messages Describe: a.The intrusion detection system (IDS) b.The intrusion prevention system (IPS) c.The firewalls that have been established d.The link between the operating systems, the software, and hardware components in the network, firewall, and IDS that make up the network defense implementation of the banks’ networks. Identify:
  • 6. a.How banks use firewalls b.How banks use IDSs c.The difference between these technologies Include: a.The network infrastructure information b.The IP address schemes that will involve the IP addressing assignment model c.The public and private addressing and address allocations d.Identify potential risks in setting up the IP addressing scheme Here are some resources to review: •Intrusion detection & prevention (IDS/IPS) systems
  • 7. •Firewalls Identify: a.Any well-known ports and applications that are used b.The risks associated with those ports and applications being identified and possibly targeted Add your overview to your report. In the next step, you will identify network attacks and ways to monitor systems to prevent these attacks. Step 2: Identify Network Attacks
  • 8. In the previous step, you provided an overview of the network architecture. In this step, you will identify possible cyberattacks such as spoofing/cache poisoning, session hijacking, and man- in-the-middle attacks. Provide techniques for monitoring these attacks using knowledge acquired in the previous step. Review the following resources to gain a better understanding of these particular cyberattacks: •Session hijacking: spoofing/cache poisoning attacks •Man-in-the-middle attacks One way to monitor and learn about malicious activities on a network is to create honeypots. Propose a honeypot environment to lure hackers to the network and include the following in your proposal: a.Describe a honeypot.
  • 9. b.Explain how a honeypot environment is set up. c.Explain the security and protection mechanisms a bank would need for a honeypot. d.Discuss some network traffic indicators that will tell you that your honeypot trap is working. Include this information in your final report. However, do not include this information in the bulletin to prevent hackers from being alerted about these defenses. Then, continue to the next step, where you will identify false negatives and positives. Step 3: Identify False Negatives and False Positives You just identified possible information security attacks. Now, identify the risks to network traffic analysis and remediation.
  • 10. Review the resources on false positives and false negatives and discuss the following: a.Identify what are false positives and false negatives. b.How are false positives and false negatives determined? c.How are false positives and false negatives tested? d.Which is riskier to the health of the network, a false positive or a false negative? Describe your analysis about testing for false negatives and false positives using tools such as IDSs and firewalls, and include this as recommendations for the banks in your public service Joint Network Defense Bulletin. Discuss the concept of performing statistical analysis of false positives and false negatives.
  • 11. Explain how banks can reduce these issues. Research possible ways to reduce these events and include this information as recommendations in the Malicious Network Activity Report. Network intrusion analysis is often done with a tool such as Snort. Snort is a free and open-source intrusion detection/prevention system program. It is used for detecting and preventing malicious traffic and attacks on networks, analysis, and education. Such identification can be used to design signatures for the IDS, as well as to program the IDS to block this known bad traffic. Network traffic analysis is often done using tools such as Wireshark. Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development and education. Cybersecurity professionals must know how to perform network forensics analysis.
  • 12. In the next step, you will analyze network traffic. Step 5: Determine Sensitivity of Your Analysis In the previous step, you completed network analysis. In this step, you will determine which information to include in which document. Information appropriate for internal consumption may not be appropriate for public consumption. The Joint Network Defense Bulletin may alert criminals of the network defense strategy. Therefore, be careful about what you include in this bulletin. Once you have assessed the sensitivity of the information, include appropriate information in your Malicious Network Activity Report. Then, include appropriate information in the Joint Network
  • 13. Defense Bulletin in a way that educates the financial services consortium of the threat and the mitigating activities necessary to protect against that threat. Step 6: Explain Other Detection Tools and Techniques In the previous step, you included appropriate information in the proper document. In this step, perform independent research and briefly discuss what other tools and techniques may be used to detect these signatures. Provide enough detail so that a bank network administrator could follow your explanation to deploy your system in production. Include this information in the Joint Network Defense Bulletin. Next, move to the next step, where you will organize and complete your report. Step 7: Complete Malicious Network Activity Report
  • 14. Now that you have gathered all the data for your Malicious Network Activity Report, it is time to organize and submit it. The following is a suggested outline: 1.Introduction: Describe the banking institution and the issue you will be examining. 2.Overview of the Network Architecture 3.Network Attacks 4.Network Traffic Analysis and Results 5.Other Detection Tools and Techniques 6.Recommended Remediation Strategies Submit your report to the Assignments folder. You are now ready for the final step, the Joint Network Defense Bulletin. Step 8: Create the Joint Network Defense Bulletin
  • 15. In this step, you will create the Joint Network Defense Bulletin. Compile the information you have gathered, taking care to eliminate any sensitive bank-specific information. The Joint Network Defense Bulletin is an educational document for the financial services consortium. This bulletin should be addressed to the FBI chief and the FS-ISAC representative. Here is a list of the final deliverables for Project 2. Deliverables •Malicious Network Activity Report: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
  • 16. •Joint Network Defense Bulletin: A one- to two-page double- spaced document.