Incident Response and Disaster Recovery

Description

1. Discuss the issues involved in protecting all of the organization's information. Should Instant Messaging (IM) conversations be preserved? What are the legal aspects of IM conversations? How might an organization notify its users that all communications are being monitored and preserved? (300 words)

2. What are the steps for recovering from a DoS or DDoS attack? (250 Words)

3. Read the following story, which simulates four likely IT-related disasters: Worst-Case Scenarios: When Disaster Strikes.
Select one of these simulations and write the after-action report. What recommendations can you make to improve the IR plan that the organization used? Justify your answer. (800 words, including introduction and conclusion)

3 separate documents


Explanation & Answer

Hello, check the three files.

DoS or DDoS Attack

A denial of service attack on an organization might lead to a lot of losses by the company due to
crippled functions thus the need to recover as quickly as possible. Below are the four major steps
to be undertaken for proper DoS attack recovery.
a) Reestablish Your BGP Connections
After a DoS attack, the IT department should work towards re-establishing the BGP connections
between transit providers and the peering partners connected to your network interface.
Reestablishing BGP connections helps keep the connection on through the “keepalive” messages
that interrogate a receiver or sender system of availability after an interval of about 1 minute. In
case the transit provider does not receive a response from the “keepalive” message, the
connection is dropped thus the need to keep the BGP protocol running (Matthews, 2016).
b) Restart Firewalls and Other Appliances
The second step after the attack should be to ensure that some of the system defenses are back
online so as to provide some security against a follow-up attack (Matthews, 2016). Therefore,
the IT experts will need to restart the system in a correct order to avoid overloading them with
due traffic.
c) Reconnect to the ISP
ISP providers always cut off connectivity to users who appear to have been attacked by DoS
(Matthews, 2016). This is because their systems can use up too much bandwidth thus costing
them and other users financially and slowing the whole system.

d) Application Recovery
The company then devises a strategy for allowing the customers to reconnect to the application
without breaking it with pent-up traffic. Rerouting traffic to other servers or use of geographical
recovery can help prevent overloading of the system’s application (Matthews, 2016).
References
Matthews, T. (2016, 4 16). How to Recover in the Aftermath of a DDoS Attack. Retrieved from
https://www.incapsula.com/blog/recover-aftermath-DDoS-attack.html
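
The application recovery step above (letting customers reconnect without breaking the application with pent-up traffic) can be done as a staged readmission ramp that only widens while the backend stays healthy. The Python code below is an added example, not part of the original answer or the cited article; the stage percentages, error threshold, client IDs and traffic windows are constructed assumptions.

```python
import hashlib

class ReadmissionRamp:
    """Readmit clients in stages after an outage instead of all at once."""

    def __init__(self, stages=(5, 25, 50, 100), max_error_rate=0.02):
        self.stages = stages                  # assumed: percent of clients admitted per stage
        self.max_error_rate = max_error_rate  # assumed health threshold
        self.stage = 0

    @property
    def percent(self):
        return self.stages[self.stage]

    @staticmethod
    def bucket(client_id):
        # Stable 0-99 bucket per client, so an admitted client stays admitted as the ramp widens.
        digest = hashlib.sha256(client_id.encode()).digest()
        return int.from_bytes(digest[:4], "big") % 100

    def admit(self, client_id):
        return self.bucket(client_id) < self.percent

    def observe(self, requests, errors):
        """Widen after a healthy window, narrow after an unhealthy one, hold with no data."""
        if requests == 0:
            return self.percent
        if errors / requests > self.max_error_rate:
            self.stage = max(self.stage - 1, 0)
        elif self.stage < len(self.stages) - 1:
            self.stage += 1
        return self.percent

def simulate(clients, windows):
    """Return (percent open, clients admitted) for each monitoring window."""
    ramp = ReadmissionRamp()
    history = []
    for requests, errors in windows:
        admitted = sum(ramp.admit(c) for c in clients)
        history.append((ramp.percent, admitted))
        ramp.observe(requests, errors)
    return history

# Constructed sample data: 1000 client IDs and (requests, errors) per window.
CLIENTS = [f"client-{i}" for i in range(1000)]
WINDOWS = [(1000, 3), (5000, 40), (1000, 400), (5000, 10), (8000, 20), (10000, 5)]

if __name__ == "__main__":
    for pct, admitted in simulate(CLIENTS, WINDOWS):
        print(f"{pct:3d}% open -> {admitted} of {len(CLIENTS)} clients admitted")
```

The third constructed window has a 40% error rate, so the ramp steps back from 50% to 25% before widening again.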

