Tuesday, October 29, 2019
Cyber Incident Response for Blue Moon Financial Term Paper
The company has faced several challenges in addressing network intrusion attacks and cyber security issues because it is ill equipped to deal with them. This paper discusses, under various sub-topics, how I will deal with the active network intrusion attack in the company.

The first step in the current scenario is to identify the nature of the attack. I am the only person who is qualified and well trained to deal with such issues. Therefore, before informing anyone else about it, I will first find out the type of attack targeted at the company. This is the first step towards stopping the attack, because further steps cannot be initiated if the type of attack is not well known.

Secondly, I will localize the source. This means using firewall and IDS logs to find out where the attack is coming from, so that I know whether it originates from a compromised host or from the outside world. This is also essential to ensuring that the attack can be stopped as soon as possible (Sharma et al., 2015).

The next step is blocking the attack. Once the source and the nature of the attack are clarified, I will take the necessary actions to block it (Youssef & Emam, 2011). These actions will include pulling the machines that have been attacked from the network and blocking access to the network from the offending IP address if the attack is coming from outside. Depending on the type of attack, I may have to go through the ISP if the attack is a DDoS attack.

I will also back up the evidence of the attack by keeping the logs generated, to ensure that I have a detailed account of the attack. I will also find other compromised machines, using appropriate tools to root out any other machines that have been attacked. The last aspect is to ensure that I do not
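
The source-localization and evidence-preservation steps described above can be sketched in code. This is an added example, not part of the original paper: it reads firewall deny records, decides whether each noisy source is an internal host or an outside address, and hashes the log so the preserved copy can be verified later. The log format, the 10.0.0.0/8 company range and the deny threshold are assumptions, and the sample log lines are constructed.

```python
import hashlib
import ipaddress
import re
from collections import Counter

# Constructed sample firewall log (hypothetical format, not from the paper).
SAMPLE_LOG = """\
2019-10-29T02:14:01 DENY TCP src=203.0.113.45 dst=10.0.5.20 dport=22
2019-10-29T02:14:02 DENY TCP src=203.0.113.45 dst=10.0.5.20 dport=22
2019-10-29T02:14:03 DENY TCP src=203.0.113.45 dst=10.0.5.21 dport=22
2019-10-29T02:14:05 DENY TCP src=10.0.5.77 dst=10.0.5.20 dport=445
2019-10-29T02:14:06 DENY TCP src=10.0.5.77 dst=10.0.5.21 dport=445
2019-10-29T02:14:09 ALLOW TCP src=10.0.5.12 dst=198.51.100.7 dport=443
2019-10-29T02:14:10 garbled line without fields
"""

INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # assumed company range
LINE_RE = re.compile(r"^\S+ (DENY|ALLOW) \S+ src=(\S+) dst=(\S+) dport=(\d+)$")


def localize_sources(log_text, min_denies=2):
    """Count denied connections per source and classify each source."""
    denies = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m.group(1) != "DENY":
            continue  # skip allowed traffic and unparseable lines
        try:
            denies[ipaddress.ip_address(m.group(2))] += 1
        except ValueError:
            continue  # src field was not a valid IP address
    findings = []
    for src, count in denies.most_common():
        if count < min_denies:
            continue
        internal = any(src in net for net in INTERNAL_NETS)
        findings.append({
            "src": str(src),
            "denies": count,
            "origin": "internal" if internal else "external",
            # Internal source: likely compromised host, pull it from the network.
            # External source: block the address at the perimeter.
            "action": "isolate host" if internal else "block IP at perimeter",
        })
    return findings


def evidence_digest(log_text):
    """SHA-256 of the log, recorded so the preserved copy can be verified."""
    return hashlib.sha256(log_text.encode("utf-8")).hexdigest()


if __name__ == "__main__":
    for finding in localize_sources(SAMPLE_LOG):
        print(finding)
    print("sha256 of preserved log:", evidence_digest(SAMPLE_LOG))
```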