Question
On a Tuesday night, a database administrator performs some off-hours maintenance on several production database servers. The administrator notices some unfamiliar and unusual directory names
On a Tuesday night, a database administrator performs some off-hours maintenance on several production database servers. The administrator notices some unfamiliar and unusual directory names on one of the servers. After reviewing the directory listings and viewing some of the files, the administrator concludes that the server has been attacked and calls the incident response team for assistance. The teams investigation determines that the attacker successfully gained root access to the server six weeks ago.
Would the organization consider this activity to be an incident? If so, which of the organization's policies does this activity violate? (Section 2.1)
What measures are in place to attempt to prevent this type of incident from occurring or to limit its impact? (Section 3.1.2)
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Demystifying Databases A Hands On Guide For Database Management
Authors: Shiva Sukula
1st Edition
8170005345, 978-8170005346
