Cyber Attack & Ethical Hacking
Week 9
Investigating and Responding to Security Incidents (Assignment 1)
Instructions
To demonstrate your understanding of core concepts and procedures presented in this unit, you are required to complete the Investigating and Responding to Security Incidents lab, linked in the course room.
- At the first indication of comprise, what should you do?
- Is malware that is quarantined by an antivirus program considered to be eradicated? Explain your answer.
- List the six-step incident handling process recommended by the SANS Institute.
- Compare identification and containment during the incident response process.
- Should you include the incident response in your information security policy? Explain your answer.
- What is the relevance of the post-mortem step during incident response?
Refer to the Investigating and Responding to Security Incidents scoring guide to ensure that your work meets the grading criteria for this assignment.
Submit your assignment by midnight Sunday (CST).
Cyber Attack & Ethical Hacking Submission Requirements
- Written communication: Writing should be clear and well organized, with no technical writing errors, as expected of a business professional.
- Format: Typed, double-spaced lines.
- Font: Times New Roman, 12 points.
[u09a2] Unit 9 Assignment 2
Incident Response and Intrusion Prevention Strategy
(Assignment 2) 5-7 pages
Introduction
To increase business transactions and maximize profits, a health care organization established an international partnership with another health care organization. The appropriate business associate agreements and memorandum of association were put in place. A month after the partnership was initiated, the health care organization was the victim of a cyber-attack. Mitigation efforts were in the millions of dollars.
Cyber Attack & Ethical Hacking Instructions
Organizational leadership has requested that you develop a 5–7 page incident response and intrusion prevention strategy.
Your report must:
- Describe four guidelines that can be included in a disaster recovery plan to assist in preparing for future attacks.
- Evaluate three testing suites that can be used to test a disaster recovery plan.
- Describe principles and best practices that should be used to handle evidence acquired during the response to an incident.
- Describe an intrusion prevention strategy.
Your assignment must be supported by a minimum of four recent peer-reviewed sources. Citations and references must be formatted using current APA style.
Structure your report as follows:
. Title page.
. Introduction.
. The main body (at least five pages); use headings to identify individual sections.
. Summary and conclusion.
. References page.
Capella academic integrity standards must be strictly followed.
Submission Requirements
. Written communication: Writing should be clear and well organized, with no technical writing errors, as expected of a business professional
. References: Include a minimum of four recent, peer-reviewed references.
. APA Style: Citations and references must be formatted using current APA style.
. Length of report: A minimum of five typed, double-spaced pages, excluding the title page and references page.
. Font: Times New Roman, 12 points.
Linux Tools and Vulnerability Management (1-page Discussion)
Introduction
Kali Linux is an essential tool for anyone involved in penetration testing. Having a good working knowledge of the tools included in the Kali Linux distribution will allow you to investigate and mitigate threats against networks and systems. Another advantage of being proficient using these tools is that you will gain a better understanding of the tools available to attackers.
Instructions
You suspect that hackers have infiltrated your network and launched attacks against many key systems. You need to quickly determine how your systems were compromised.
As a member of the blue team in your organization, discuss:
. Five Kali Linux tool that can be used to assess the attacks.
. How one of the Kali Linux tools can be used to mitigate the attacks.
Network Security and Vulnerability Threats