Hello, Need help to complete assignment. Select ONE of the following security incidents and provide the following information: 1. A SQL Injection was performed by a hacker, resulting in the loss of

Hello, 

Need help to complete assignment. 

Assignment: 

Compromised passwords. You discovered that an attacker used rainbow tables to attack your domain's password file in an offline attack. Assume that all of your user's passwords are compromised.

Paragraph 1:  IRT Team. What would the IRT team look like for this incident (who would be on the team to be able to effectively handle the event)? Justify your choices.

Paragraph 2:  Approach. Address HOW you would respond. What logs or tools would you use to identify/analyze the incident?  What would alert you to the incident? What tools would you use to contain/recover from the incident? 

Paragraph 3: Metrics. Who would you measure your team's response effectivenss?  What measurements/metrics would you track?

Thanks,