Answered You can hire a professional tutor to get the answer.

QUESTION

The LMJAdcorporate management has been informed by the network administrative team there was a malware/ransomware attack and infection overnight requiring theincident response team to take immediate a

The LMJAd

corporate management has been informed by the network administrative team there was a malware/ransomware attack and infection overnight requiring the

incident response team to take immediate action. The infection came from a malware attachment on a phishing email, and was reported by a user with a priority trouble

ticket. Initial interviews suggest the incident may have come from an internal employee.

In this first phase of the incident response process the incident response team must perform an incident review. Describe in detail each item below as part of the initial

investigative process only to be applied to this incident:

Step 1: Review of notes taken from user interviews

Step 2: Performing risk assessments

Step 3: Creating data collection checklists

Step 4: Creation of incident timelines and investigatory scope.

Step 5: Drafting of the forensics incident response plan

As part of your descriptions, provide the specific tasks that you need to perform for steps 1 through 5. In later Units we will discuss in detail the specific investigative

approach to identify, collect, preserve, analyze, and report on the incident.

Show more
LEARN MORE EFFECTIVELY AND GET BETTER GRADES!
Ask a Question