Assignment and Discussions

Anonymous
timer Asked: Nov 10th, 2018
account_balance_wallet $9.99

Question Description

Assignment 3: Incident Response (IR) Strategic Decisions
Due Week 6 and worth 75 points



Suppose that you have been alerted of a potential incident involving a suspected worm spreading via buffer overflow techniques, compromising Microsoft IIS Web servers. As the IR Team leader, it is your responsibility to determine the next steps.



Write a two to three (2-3) page paper in which you:



Explain in detail the initial steps that would need to be made by you and the IR team in order to respond to this potential incident.
Construct a process-flow diagram that illustrates the process of determining the incident containment strategy that would be used in this scenario, and identify which containment strategy would be appropriate in this case, through the use of graphical tools in Visio, or an open source alternative such as Dia. Note: The graphically depicted solution is not included in the required page length.
Construct a process flow diagram to illustrate the process(es) for determining if / when notification of the incident should be relayed to upper management, and explain how those communications should be structured and relayed through the use of graphical tools in Visio, or an open source alternative such as Dia. Note: The graphically depicted solution is not included in the required page length.
Detail the incident recovery processes for the resolution of this incident.
Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.



Your assignment must follow these formatting requirements:



Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.



The specific course learning outcomes associated with this assignment are:



Summarize the various types of disasters, response and recovery methods.
Develop techniques for different disaster scenarios.
Use technology and information resources to research issues in disaster recovery.
Write clearly and concisely about disaster recovery topics using proper writing mechanics and technical style conventions.




DISCUSSION 1
"Encryption in Investigations" Please respond to the following:



Discuss in your own words the effects that encryption can have on incident response activities, and explain how the use of encryption technologies could prove to be detrimental to an investigation.
Devise an example of an incident where encryption could be used as protection from an intruder or attacker, and determine the actions that could be taken by the incident responders to manage the situation.




DISCUSSION 2
"e-Discovery in Action" Please respond to the following:



From the e-Activity, explain the top three reasons why you believe organizations may be unprepared to manage incidents effectively and in a timely fashion. Provide real-world examples to support your chosen reasons.
From the e-Activity, determine which of the seven recommendations to improve e-Discovery and incident management you would consider the most important for organizations to address. Justify your answer.

Tutor Answer

Engr_Audrey
School: University of Maryland

The files below contain complete work of your assignment. Kindly check it and let me know if you need any clarification. Thank you.

Running Head: DISCUSSION 1

1

Discussion 1
Name
Institutional Affiliations
Date

DISCUSSION 1

2

Discussion 1
Encryption is a very essential technique in the security of data transmitted over networks.
Encryption can have a great role in incident response. The use of encryption technologies can be
used to secure data resources such that even in the event of a data breach, the intruder would still
not get the information as it is in a form not readable by the human mind. It is therefore very
detrimental to an organization and should be applied at all systems where data transits over
networks (Luttgens, Pepe & Mandia, 2014).
Encryption can be used as a protection measure where an intruder gets unauthorized access to
data resources. The incident responders can manage the situation by using this technique to
encrypt this data I a way that the attackers will not be able to decrypt.

DISCUSSION 1

3

References
Luttgens, J. T., Pepe, M., & Mandia, K. (2014). Incident response & computer forensics.
McGraw-Hill Education Group.


Running Head: DISCUSSION 2

1

Discussion 2
Name
Institutional Affiliations
Date

DISCUSSION 2

2

Discussion 2
The organization can be unprepared for such an event if they do not have an incident response
team to manage such inci...

flag Report DMCA
Review

Anonymous
Tutor went the extra mile to help me with this essay. Citations were a bit shaky but I appreciated how well he handled APA styles and how ok he was to change them even though I didnt specify. Got a B+ which is believable and acceptable.

Similar Questions
Related Tags

Brown University





1271 Tutors

California Institute of Technology




2131 Tutors

Carnegie Mellon University




982 Tutors

Columbia University





1256 Tutors

Dartmouth University





2113 Tutors

Emory University





2279 Tutors

Harvard University





599 Tutors

Massachusetts Institute of Technology



2319 Tutors

New York University





1645 Tutors

Notre Dam University





1911 Tutors

Oklahoma University





2122 Tutors

Pennsylvania State University





932 Tutors

Princeton University





1211 Tutors

Stanford University





983 Tutors

University of California





1282 Tutors

Oxford University





123 Tutors

Yale University





2325 Tutors