Description
Contact Information and Incident
Name: Aloysius S. Zayzay
Job Title: Team Coordinator (Blue)
Phone: 202-567-2254
Mobile: 240-989-8609
Fax: 202-567-2253
Incident General Information
Incident #: 0000945
Source of Incident: External
Type of Incident: Rogue Access Point/Evil Twin AP; Malware
Date/Time of Incident: 12/04/2017, 11:35 AM EST
Date/Time of Incident Detection: 12/04/2017, 11:55 AM EST
Site: Sifers-Grayson Campus Facility
Impact Category: Network Infrastructure
Severity Level: High
Confidential/PII Affected: YES
Systems and Services Impacted: Entire Network
Incident Summary
The Red Team conducted a penetration test and was successful using several different methods including: Rogue Access Point; Malware Injection; WEP Key Cracking; VPN Login Crack; etc.
Incident Mitigation
We are in a time where businesses are more digitally advanced than ever, and as technology improves, organizations’ security postures must be enhanced as well. Failure to do so could result in a costly data breach, as we have seen happen with the Penetration Test conducted at our facility. There is no specific target for these cybercriminals, so in order to mitigate the risk and safeguard our data, programming codes and reputation, it is vital to invest in an advanced security system for Sifers-Grayson.
Recommendation
I recommend the following action(s) be taken:
- A firewall be installed on the border of the R&D Center network
- Change the Wi-Fi encryption protocol to WPA2
- Encrypt all data
- User Awareness to Phishing tactics
- Install IDPS on the network
- Install Antivirus on host PCs
- Set up port-based authentication and MAC filtering
- Configure VPN on the network
Additional Notes
As a team leader, it is my responsibility to build a culture of security awareness and fill in the gaps in our team’s cybersecurity knowledge and understanding. It’s essential that your workforce be informed of cybersecurity risk, so it will be less likely for an employee to fall victim to an attack.
NB: I had to make a change to my post after reading a response by the instructor in which we are told to document the incident response.
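The report above names a Rogue Access Point/Evil Twin AP and WEP key cracking as incident types and recommends WPA2. The following added example (not part of the original post) shows how a wireless survey can be checked against an AP inventory for both conditions; the SSID `SG-Corp`, the BSSIDs and the survey rows are constructed assumptions.

```python
from dataclasses import dataclass

# Assumed inventory of sanctioned APs (constructed): SSID -> authorized BSSIDs, lowercase.
AUTHORIZED = {"SG-Corp": {"02:00:00:aa:00:01", "02:00:00:aa:00:02"}}
WEAK_ENCRYPTION = {"OPEN", "WEP"}  # anything below WPA2 gets reported

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str
    encryption: str  # "WPA2", "WEP" or "OPEN" as reported by the survey tool

# Constructed survey rows standing in for a wireless site-survey export.
SURVEY = [
    Beacon("SG-Corp", "02:00:00:AA:00:01", "WPA2"),   # sanctioned, healthy
    Beacon("SG-Corp", "02:00:00:aa:00:02", "WEP"),    # sanctioned, still on WEP
    Beacon("SG-Corp", "02:00:00:ff:00:99", "WPA2"),   # same SSID, unknown radio
    Beacon("sg-corp ", "02:00:00:ff:00:9a", "OPEN"),  # lookalike SSID, open network
    Beacon("CoffeeShop", "02:00:00:bb:00:10", "WPA2"),  # unrelated neighbour
]

def normalize(ssid):
    """Fold case and surrounding whitespace so lookalike SSIDs compare equal."""
    return ssid.strip().casefold()

def classify(beacon, authorized=AUTHORIZED):
    """Return the findings for one beacon; an empty list means nothing to report."""
    names = {normalize(s): s for s in authorized}
    ours = names.get(normalize(beacon.ssid))
    if ours is None:
        return []  # not advertising our network name
    findings = []
    if beacon.bssid.lower() not in authorized[ours]:
        findings.append("evil-twin")
    if beacon.encryption.upper() in WEAK_ENCRYPTION:
        findings.append("weak-encryption")
    return findings

def audit(survey, authorized=AUTHORIZED):
    """Map (ssid, bssid) -> findings for every beacon that needs attention."""
    report = {}
    for beacon in survey:
        findings = classify(beacon, authorized)
        if findings:
            report[(beacon.ssid, beacon.bssid)] = findings
    return report

if __name__ == "__main__":
    for key, findings in audit(SURVEY).items():
        print(key, findings)
```

This is an inventory comparison only: a radio that copies a sanctioned BSSID would pass it, so the result is one signal alongside the IDPS and port-based authentication recommended above.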
Explanation & Answer
Attached.
Incident Summary
The Red Team conducted a penetration test and was successful using several different methods, including Rogue Access Point; Malware Injection; WEP Key Cracking; VPN Login Crack; etc. A penetration test is a simulated attack on a computer system that has been authorized in order to evaluate the security of the system. A rogue access point is a wireless access point that has already been installed on a secure network and that has an unauthorized local network administrator. With a rogue access point, a soft access point can be set up using a Wi-Fi adapter, and this makes it possible to share wired network access without the ...