Intrusion Detection and Incident Response Course
2-page paper, APA format, with references
Symptoms of Attack
You are a consultant engaged by one of your clients, the Chief Technology Officer (CTO) of a major online stock trading company, to respond to an intrusion that has infected the PCs of 350 Windows users spread throughout a large multi-level office building. The CTO is not satisfied with the current response and would like an incident response professional to create a "hypothesis" for a possible cause of the symptoms of the attack, together with the specifics of the required intrusion detection and response approach. An example of a hypothesis would be: "The PCs on the network are suffering from a high rate of malicious code infection and network security has been compromised."
After stating your hypothesis, describe the IDS approach, required tools, and incident detection and response principles the professional must implement to prove or disprove it. What are the steps used to prove or disprove your hypothesis? How is your hypothesis verified, and what evidence shows that the verification succeeded?
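One way to make the "prove or disprove" step concrete is to turn the example hypothesis into a measurable indicator and test it against collected telemetry. The script below is an added illustration and is not part of the assignment text: it takes a constructed egress-connection log from a handful of workstations, flags hosts that contact one external destination at a nearly fixed interval (beaconing, a common symptom of widespread malware infection), and reports whether the fraction of beaconing hosts exceeds a threshold. The hostnames, IP addresses, log format and the jitter and fraction thresholds are all assumptions chosen for the example; a real investigation would take these values from the IDS and proxy logs and tune the cut-offs.

```python
"""Hypothesis test over constructed network-connection logs (added example).

The hypothesis under test is the one the assignment gives: "the PCs on the
network are suffering from a high rate of malicious code infection". One
observable that supports it is beaconing: many hosts contacting the same
external destination at a nearly constant interval. Every log line, host
name, IP address and threshold below is constructed for illustration.
"""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed egress log, one event per line: "epoch_seconds src_host dst_ip dst_port"
SAMPLE_LOG = """\
1000 ws-001 203.0.113.10 443
1060 ws-001 203.0.113.10 443
1120 ws-001 203.0.113.10 443
1180 ws-001 203.0.113.10 443
1005 ws-002 203.0.113.10 443
1065 ws-002 203.0.113.10 443
1125 ws-002 203.0.113.10 443
1185 ws-002 203.0.113.10 443
1002 ws-003 198.51.100.7 443
1300 ws-003 198.51.100.7 443
1310 ws-003 198.51.100.7 443
1900 ws-003 198.51.100.7 443
1010 ws-004 203.0.113.10 443
1070 ws-004 203.0.113.10 443
1130 ws-004 203.0.113.10 443
1190 ws-004 203.0.113.10 443
"""


def parse_log(text):
    """Group connection timestamps by (source host, destination ip:port)."""
    conns = defaultdict(list)
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, host, dst, port = line.split()
        conns[(host, f"{dst}:{port}")].append(int(ts))
    return conns


def is_beaconing(timestamps, min_events=4, max_jitter=0.2):
    """Return True if the gaps between consecutive events are nearly constant.

    'Nearly constant' means the coefficient of variation of the gaps is below
    max_jitter. Both cut-offs are assumptions for this example, not standards.
    """
    if len(timestamps) < min_events:
        return False
    ts = sorted(timestamps)
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    avg = mean(gaps)
    if avg <= 0:
        return False
    return pstdev(gaps) / avg < max_jitter


def beaconing_hosts(text):
    """Map each destination to the set of hosts beaconing to it."""
    result = defaultdict(set)
    for (host, dst), ts in parse_log(text).items():
        if is_beaconing(ts):
            result[dst].add(host)
    return dict(result)


def evaluate_hypothesis(text, population, min_fraction=0.10):
    """Return (supported, fraction, destination).

    The hypothesis is treated as supported when the largest cluster of hosts
    beaconing to a single destination is at least min_fraction of the
    monitored population. min_fraction is an assumed threshold.
    """
    clusters = beaconing_hosts(text)
    if not clusters:
        return False, 0.0, None
    dst, hosts = max(clusters.items(), key=lambda kv: len(kv[1]))
    fraction = len(hosts) / population
    return fraction >= min_fraction, fraction, dst


if __name__ == "__main__":
    supported, fraction, dst = evaluate_hypothesis(SAMPLE_LOG, population=4)
    print(f"beaconing clusters: {beaconing_hosts(SAMPLE_LOG)}")
    print(f"hypothesis supported={supported} fraction={fraction:.2f} dst={dst}")
```

In the constructed data three of the four workstations contact 203.0.113.10:443 every 60 seconds, while ws-003 talks to a different address at irregular intervals, so the script reports the hypothesis as supported. Disproving it works the same way: if no destination attracts a regular cluster above the threshold, the indicator fails and the analyst moves to the next candidate cause (for example a misbehaving software-update agent) rather than to containment.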
This paper should be 1-2 pages long and should reflect your ability to explore a problem and analyze the resulting troubleshooting methodologies.