University: TAFE Queensland
Assessment Criteria:
To achieve a satisfactory result, your assessor will be looking for your ability to demonstrate the following key skills/tasks/knowledge to an acceptable industry standard:
Analyse the incidents reported
Develop an incident response in the form of a flow chart
Introduction
You are an analyst working at Techno Intelligence Threat Systems. They have an existing set of procedures to deal with these two unwanted security incidents:
A suspected DDoS attack
A suspected phishing attack
The existing procedure is as follows. Your boss believes that these procedures need to be improved.
Identification of the network attack
Disconnect the infected computer from the network
Scan the computer with updated antivirus and antimalware, and remove all suspected files and software
Connect the computer to the network
Evaluation of Existing Procedures
Read the above procedures for these two potential security incidents. Evaluate them and highlight issues with them that may result in poor handling of these incidents. Choose at least one subtask and discuss how it could be modified to improve the handling of the incidents.
Write your evaluation as a report which you will forward to your boss.
Create New Procedures in Flowchart Format
The boss agrees with your evaluation and asks you to redesign both incident response procedures in the form of flow charts. Each flow chart should consist of a top level that lists the main decisions to take, the data to be used to make each decision, and the major subtasks to be performed based on each decision.
Implement each subtask as a sequence of steps to perform. If necessary, subtasks may themselves contain decisions, the data used to make each decision and the steps to perform based on the decisions made.
In general, both flow charts must outline:
a brief description of the symptoms observed from the data collected
the decisions to be made based on this data
suitable containment, mitigation and recovery subtasks to deal with the incident
In this phase, you should select and implement at least one subtask of one of the incidents. For example, you can implement data recovery or malware eradication.