Unit Code/s & Name/s VU21994 Perform basic cyber security data analysis
Assessment Type Written
Assessment Name Incident response
Assessment Task No. AT 1
VU21994 Perform Basic Cyber Security Data Analysis Assignment-Tafe Queensland University Australia.
Introduction:
You are an analyst working at Techno Intelligence Threat Systems. They have an existing set of procedures to deal with these two unwanted security incidents:
1) A suspected DDOS attack
2) A suspected phishing attack
The existing procedure is as follows. Your boss believes that these procedures need to be improved.
- Identification of the network attack
- Disconnect the infected computer from the network
- Scan the computer with updated antivirus and antimalware, and remove all suspected files and software
- Connect the computer to the network
Evaluation of Existing Procedures
Read the above procedures for these two potential security incidents. Evaluate them and highlight issues with them that may result in poor handling of these incidents. Choose at least one sub task and discuss how it could be modified to improve the handling of the incidents.
Write your evaluation as a report which you will forward to your boss.
Create New Procedures in Flowchart Format
The boss agrees with your evaluation and asks you to redesign both incident response procedures in the form of flow charts. The flow chart should consist of a top level which lists the main decisions to take, what data is to be used to make this decision, and list the major sub tasks to be performed based on each decision.
VU21994 Perform Basic Cyber Security Data Analysis Assignment-Tafe Queensland University Australia.
Implement each sub task as a sequence of steps to perform. If necessary, sub tasks may themselves contain decisions, the data used to make each decision and the steps to perform based on the decisions made.
In general, both flow charts must outline:
- a brief description of the symptoms observed from the data collected
- the decisions to be made based on this data
- suitable containment, mitigation and recovery subtasks to deal with incident
In this phase, you should select and implement at least a sub task of one of the incidents. For example, you can implement data recovery, or malware eradication.
Your flowchart should use the <symbols etc.>.
As a guide you may follow the SANS Six(6) Steps of Incident Handling in your flowchart
This is an individual assessment task.
VU21994 Perform Basic Cyber Security Data Analysis Assignment-Tafe Queensland University Australia.
You are required to list any resources you use in your assessment in the space below.
NB: Flow charting has the ability to take a large problem and ‘chunk’ it down into sub-tasks for easier processing.
ORDER Now This VU21994 Perform Basic Cyber Security Data Analysis Assignment And Get Instant Discount
