Swamped with your writing assignments? Take the weight off your shoulder!
You are an incident response (IR) manager working in the newly formed Network Operations Center (NOC) for Psinuvia Inc. After a number of web exploits were reported in the news, the Board of Directors for Psinuvia asked you to validate the company’s security. Following the NOC’s standard operating procedure (SOP), you are asked to review the attached outputs from the vulnerability assessment and regular scans for intrusions on Psinuvia’s systems.
Along with detecting and reporting intrusions, per the SOP, you must evaluate the vulnerability scan output to determine whether or not a vulnerability exists on the system(s) with the potential issue and provide a report to upper management for review.
Your submission must be your original work. No more than a combined total of 30% of a submission and no more than a 10% match to any one individual source can be directly quoted or closely paraphrased from sources, even if cited correctly.
You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect.
A. Summarize the events that lead to the discovery of the potential vulnerability. Record your summary in the attached “NOC Reporting Template.”
B. Summarize the results of the security vulnerability report, nmap host scan and alarm report; including which systems and data were compromised. Be sure to address the basic assessment questions from the attached “Incident Response Plan” as part of your submission. Record your responses in the attached “NOC Reporting Template.”
C. Explain the steps you will take to identify any exploited systems and data that are included in the scope of the incident as part of your documentation in the attached “NOC Reporting Template.”
D. Identify the event level of the incident, who needs to be contacted, and when should they be contacted based on the company’s incident response plan. Record your responses in the attached “NOC Reporting Template.”
E. Justify the interventions you will use to quarantine and remediate the compromised machine using industry best practices. Record your responses in the attached “NOC Reporting Template.”
F. Recommend both administrative controls and technical controls that the NOC could apply to prevent or limit the damage from a similar incident in the future. Record your recommendations in the attached “NOC Reporting Template.”
G. Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.
H. Demonstrate professional communication in the content and presentation of your submission.