
Question


Scenario:

Bank of the People allows employees to bring their devices to work and use them in the corporate network. They have a Microsoft identity management system for authentication and authorization. A few employees have noticed in the last few days that the onscreen keyboards they use have become slow. Others report that their emails from Gmail seem to include an increased number of phishing attacks.

Offer a procedure you recommend to address each. Use at least one non-standard (additional) procedure and explain why it is appropriate.

Initial Compromise

Pivot and Escalation

Command and Control (C2) and Exfiltration

Persistence

Make an estimation and explain what you think happened at each phase. Make a recommendation as to what needs to change in standard procedures as a result of the incident.


Backdoors & Breaches cards (text transcribed from images; parts of the card text are missing)

Card types shown: INITIAL COMPROMISE, PERSISTENCE, PROCEDURES (Established Procedures, Other Procedures)

MEMORY ANALYSIS: Incident Response Team pulls the memory from the suspect system and reviews it for possible malicious activity.

ENDPOINT ANALYSIS: This is where the Defenders use their SANS IR ...

... MANAGEMENT (SIEM) LOG ANALYSIS: ... the right things? Do you regularly emulate at ... to bring in the Help Desk... and pray.

NETWORK THREAT HUNTING: ... Network Team is on their game. They can ... further harm.

USER AND ENTITY BEHAVIOR ANALYTICS (UEBA): It's like logging, but it actually works. UEBA looks for multiple concurrent logins, impossible logins based on geography, unusual ...

CYBER DECEPTION: The attackers go after one of your deception technologies. This could be a Word Web Bug, Honey Account, or a full honeypot.

TOOLS: CanaryTokens, HoneyBadger, Active Defense Harbinger Distribution, MITRE Shield
https://shield.mitre.org/
https://www.activecountermeasures.com/free-tools/adhd/
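
The UEBA card above mentions looking for multiple concurrent logins and logins that are impossible based on geography. The following is an added example, not part of the original question or the card deck: a minimal detector for both signals over constructed sign-in records. The record layout, the speed threshold and the time window are assumptions.

```python
from datetime import datetime
from math import radians, sin, cos, asin, sqrt

# Constructed sign-in records (user, UTC time, source IP, lat, lon); not real data.
SIGNINS = [
    ("alice", "2024-05-01T08:00:00", "198.51.100.10", 40.71, -74.01),  # New York
    ("alice", "2024-05-01T08:40:00", "203.0.113.77", 51.51, -0.13),    # London, 40 min later
    ("bob",   "2024-05-01T09:00:00", "198.51.100.20", 40.71, -74.01),
    ("bob",   "2024-05-01T09:03:00", "198.51.100.21", 40.73, -73.99),  # new IP, same city
    ("carol", "2024-05-01T07:00:00", "198.51.100.30", 40.71, -74.01),
    ("carol", "2024-05-01T18:00:00", "203.0.113.90", 51.51, -0.13),    # plausible flight
]

MAX_SPEED_KMH = 900        # assumed threshold: roughly airliner cruise speed
CONCURRENT_WINDOW_S = 600  # assumed: two source IPs within 10 minutes

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    lat1, lon1, lat2, lon2 = map(radians, (lat1, lon1, lat2, lon2))
    a = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371 * asin(sqrt(a))

def detect(signins):
    """Compare each sign-in with the user's previous one; return sorted findings."""
    findings = set()
    last = {}  # user -> (time, ip, lat, lon) of the previous sign-in
    for user, ts, ip, lat, lon in sorted(signins, key=lambda r: (r[0], r[1])):
        when = datetime.fromisoformat(ts)
        if user in last:
            p_when, p_ip, p_lat, p_lon = last[user]
            secs = (when - p_when).total_seconds()
            km = haversine_km(p_lat, p_lon, lat, lon)
            # Ignore short hops (geolocation noise); flag speeds no traveller can reach.
            if km > 50 and (secs == 0 or km / (secs / 3600) > MAX_SPEED_KMH):
                findings.add((user, "impossible_travel"))
            elif ip != p_ip and secs <= CONCURRENT_WINDOW_S:
                findings.add((user, "concurrent_login"))
        last[user] = (when, ip, lat, lon)
    return sorted(findings)

if __name__ == "__main__":
    for user, finding in detect(SIGNINS):
        print(user, finding)
```

In a BYOD environment a concurrent-login hit is often a phone and a laptop on different networks, so these findings are triage leads to correlate with endpoint and memory analysis rather than verdicts.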
