[SOLVED] Incident Investigation

Background

As cybercrimes have become more sophisticated over the years, organizations have needed better solutions to prevent and manage threats. Eventually, this led to full-time incident response teams. Part of the incident response effort is to understand and assess exactly what was done during an attack or compromise. Systems need to be scrutinized with a variety of forensic tools and in-depth investigations so that organizations can understand the depth of a compromise and the impact that compromise may have on information assets.

Based on the scenario described (just before the guided exercise):

a. Create an incident response report using concepts from the guided exercise and the previous labs. The report should be no more than 3 pages, and should include:

   i. Executive Summary (for non-technical decision-makers)
      • Answer specifics such as:
         a. What was the attacker's IP address?
         b. How did the attacker know which accounts to try?
         c. Was root compromised?
         d. How do we get more information on the File Manager app?

   ii. Detection and Analysis (of the incident and events)
      • Identify what, how, who, where, and when.
      • Provide evidence (screenshots).

   iii. Recovery
      • Provide recommendations:
         a. How can they prevent this in the future?
         b. Should they notify customers and/or stakeholders?
      • Create a clear and concise timeline of the major events.

   iv. Lessons Learned (from the company’s perspective)
