Introduction to Packet Capture and Intrusion Detection/Prevention Systems
You are a network analyst on the fly-away team for the FBI's cybersecurity sector engagement division. You have been deployed several times to financial institutions to examine their networks after cyberattacks, ranging from intrusions and data exfiltration to distributed denial-of-service attacks against the networks that support their customer transaction websites.

A representative from the Financial Services Information Sharing and Analysis Center (FS-ISAC) met with your boss, the chief net defense liaison to the financial services sector, about recent reports of intrusions into the networks of banks and their consortium. He has provided some of the details of the reports in an email. "Millions of files were compromised, and financial officials want to know who entered the networks and what happened to the information. At the same time, the FS-ISAC has seen extensive distributed denial of service disrupting the banks' networks, impacting the customer websites, and blocking millions of dollars of potential transactions," his email reads.

You realize that the impact from these attacks could cause the downfall of many banks and ultimately create a strain on the US economy. In the email, your chief asks you to travel to one of the banks and, using your suite of network monitoring and intrusion detection tools, produce two documents: a report to the FBI and FS-ISAC containing the information you observed on the network, and a joint network defense bulletin to all the banks in the FS-ISAC consortium recommending prevention methods and remediation against the types of malicious traffic activity that they may face or are facing.

Network traffic analysis and monitoring help distinguish legitimate traffic from malicious traffic. Network administrators must protect networks from intrusions. This can be done using tools and techniques that use past traffic data to determine what should be allowed and what should be blocked. In the face of constantly evolving threats to networks, network administrators must ensure their intrusion detection and prevention systems are able to analyze, monitor, and even prevent these advanced threats.

In this project, you will research network intrusion detection and prevention systems and understand their use in a network environment. You will also use monitoring and analysis technologies in the Workspace to compile a Malicious Network Activity Report for financial institutions and a Joint Network Defense Bulletin for a financial services consortium.

The following are the deliverables for this project:

Deliverables
Malicious Network Activity Report: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
Joint Network Defense Bulletin: A one- to two-page double-spaced document.
Lab Report: A Word document sharing your lab experience along with screenshots.

There are eight steps to complete the project.
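As an added example (not part of this project description, and not one of the Workspace tools the course provides), the following Python sketches what "using past traffic data to determine what should be allowed and what should be blocked" means in practice: it learns a packets-per-second baseline from a clean capture window and then scores live traffic against it. It deliberately shows both failure modes a bank's defenders face in the scenario above: a single host that floods on its own, which can be blocked by address, and a distributed flood whose individual sources each look benign and can only be caught on the aggregate rate. The flow records, addresses (10.0.0.0/8 and the RFC 5737 test range 192.0.2.0/24), K and MIN_MARGIN are all constructed for the illustration.

```python
"""Baseline-driven traffic scoring (added example, constructed data).

Records are (second, src_ip, dst_port, packets) tuples, the shape you
would get after summarising a packet capture per flow.  A baseline of
packets/second is learned from "past" traffic; "live" traffic is then
flagged per source (block candidates) and in aggregate (volumetric).
"""
from collections import defaultdict
from statistics import mean, pstdev

K = 3.0          # sigma multiplier for thresholds (assumed value)
MIN_MARGIN = 5   # absolute headroom so a flat baseline (stdev 0) is not hair-trigger


def per_second_rates(records):
    """Collapse records into {second: {src: packets_in_that_second}}."""
    rates = defaultdict(lambda: defaultdict(int))
    for sec, src, _port, pkts in records:
        rates[sec][src] += pkts
    return rates


def build_baseline(past):
    """Learn per-source and aggregate packets/second from clean past traffic."""
    rates = per_second_rates(past)
    by_src, totals = defaultdict(list), []
    for sec in sorted(rates):
        totals.append(sum(rates[sec].values()))
        for src, pkts in rates[sec].items():
            by_src[src].append(pkts)
    per_src = {s: (mean(v), pstdev(v)) for s, v in by_src.items()}
    # A source never seen before is judged against the typical single-source profile.
    typical = (mean(m for m, _ in per_src.values()),
               mean(sd for _, sd in per_src.values()))
    return {"per_src": per_src, "typical": typical,
            "total": (mean(totals), pstdev(totals))}


def threshold(stats):
    m, sd = stats
    return m + max(K * sd, MIN_MARGIN)


def detect(live, baseline):
    """Return sources to block and seconds where the aggregate rate was anomalous.

    A second is "volumetric" when the traffic left over after removing the
    individually loud sources still exceeds the aggregate baseline, i.e. a
    distributed flood in which no single address stands out.
    """
    rates = per_second_rates(live)
    block, volumetric = set(), []
    for sec in sorted(rates):
        loud = {src for src, pkts in rates[sec].items()
                if pkts > threshold(baseline["per_src"].get(src, baseline["typical"]))}
        block |= loud
        residual = sum(p for s, p in rates[sec].items() if s not in loud)
        if residual > threshold(baseline["total"]):
            volumetric.append((sec, residual, len(rates[sec])))
    return {"block": block, "volumetric": volumetric}


# Constructed "past" window: three known hosts, a few packets/second each.
PAST = [(t, ip, 443, base + t % 3)
        for t in range(60)
        for ip, base in (("10.0.0.5", 4), ("10.0.0.6", 3), ("10.0.0.7", 5))]

# Constructed "live" window.
LIVE = [(t, ip, 443, base + t % 3)
        for t in range(100, 106)
        for ip, base in (("10.0.0.5", 4), ("10.0.0.7", 5))]
# seconds 100-102: one known host floods on its own
LIVE += [(t, "10.0.0.6", 443, 300) for t in range(100, 103)]
# seconds 103-105: fifty previously unseen hosts each send a modest 8 pps
LIVE += [(t, f"192.0.2.{i}", 443, 8) for t in range(103, 106) for i in range(1, 51)]


def run_example():
    return detect(LIVE, build_baseline(PAST))


if __name__ == "__main__":
    result = run_example()
    print("block by address:", sorted(result["block"]))
    for sec, pps, nsrc in result["volumetric"]:
        print(f"second {sec}: {pps} pps from {nsrc} sources, none individually loud")
```

With the constructed data, 10.0.0.6 is the only address worth blocking outright; seconds 103 to 105 are reported as volumetric because fifty hosts at 8 pps each sit under the per-source threshold of 10 pps yet together exceed the aggregate threshold of roughly 22 pps. That distinction is the one a Joint Network Defense Bulletin should make: per-address blocking handles the first case, while the second needs rate limiting or upstream scrubbing.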
Begin with the workplace scenario and continue to Step 1, "Create a Network Architecture Overview."

Competencies
Your work will be evaluated using the competencies listed below.
1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
1.2: Develop coherent paragraphs or points so that each is internally unified and so that each functions as part of the whole document or presentation.
1.3: Provide sufficient, correctly cited support that substantiates the writer's ideas.
1.4: Tailor communications to the audience.
2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
2.2: Locate and access sufficient information to investigate the issue or problem.
2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
2.4: Consider and analyze information in context to the issue or problem.
2.5: Develop well-reasoned ideas, conclusions or decisions, checking them against relevant criteria and benchmarks.
5.3: Use defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
8.1: Demonstrate the abilities to detect, identify, and resolve host and network intrusion incidents.
8.2: Possess knowledge and skills to categorize, characterize, and prioritize an incident as well as to handle relevant digital evidence appropriately.
8.4: Possess knowledge of proper and effective communication in case of an incident or crisis.
8.5: Obtain knowledge and skills to conduct a postmortem analysis of an incident and provide sound recommendations for business continuity.
9.1: Knowledge of the Information Technology industry, its systems, platforms, tools, and technologies.

Project 2: Introduction to Packet Capture and Intrusion Detection/Prevention Systems
Start Here
Step 1: Create a Network Architecture Overview
Step 2: Identify Network Attacks
Step 4: Analyze Network Traffic
Step 5: Determine Sensitivity of Your Analysis
Step 6: Explain Other Detection Tools and Techniques
Step 8: Create the Joint Network Defense Bulletin