Case Scenario:

On Thursday morning, John, an XYZ university employee, noticed a warning message on his computer saying that the system has been attacked by a worm Win32.VB. Even though the antivirus software was present in the system, the software failed to detect the new worm because it was not updated to the latest version. When John tried to open his e-mail, he experienced a slow internet connection. He noticed there were some unusual file names in the disk. John immediately informed his friend Bob, who was also an XYZ employee, of the problem. Bob checked his computer in his office and experienced the same problem as John. John and Bob checked several computers in the laboratories, and found that Win32.VB worm had infected many other computers in the laboratory. They contacted the system administrator of the XYZ University. The system administrator checked the computers in the laboratory and reported the incident to the incident response team. The system administrator also checked the computers in other laboratories. As a result of the worm attack the activities in the XYZ University laboratory were suspended for a day, which caused a great inconvenience.

Case Objectives:

• Create an incident response plan please refer to NIST specifications.
• Must include cyber hunt procedures etc.
• Identify the vulnerabilities
• Identify the roles and responsibilities in an incident response team
• Identify sources of evidence for an incident
• Identify sources of evidence for an incident.
• Identify the steps an organization should take to contain and recover from an incident.
• Metrics such as effectiveness and efficiency in achieving goal
• Recommend measures to prevent similar incidents from occurring in the future.
• Recommend actions to improve the detection of similar events.

Requirements:

• Minimum of 1,250 words / Maximum 1,800 words (Double spaced)
• APA style
• At least 7 works cited
• At least 5 of your references have to be scholarly peer-reviewed articles
• Research paper will be checked for plagiarism so be sure to correctly cite your sources!
• 80/20 rule for all submissions