Question:
1) You are working as an IT security specialist and you receive a call that a computer at the marketing department is acting strangely. You ask a few questions, but at the most important question, "Have you accessed, downloaded, or clicked on anything out of the ordinary?", the employee stays quiet and does not answer. You say, "I will be right over." Indicate on a step-by-step basis and in detail what you would do to determine if an incident has occurred, what to do about it, and how to counter its effect. (Make an assumption of a type of attack to outline what you would do, for example, I ran such test and determined it was this attack, not I am going to do this.) Consider three different attack scenarios: 1) user initiated, 2) internal attacker initiated, 3) external attacker initiated.

2) Provide an example of each of these Access Control Models: Bell-LaPadula, Biba, State machine, Clark-Wilson.