initial investigative process -Cybercrime

The LMJAd
corporate management has been informed by the network administrative team there was a malware/ransomware attack and infection overnight requiring the
incident response team to take immediate action. The infection came from a malware attachment on a phishing email, and was reported by a user with a priority trouble
ticket. Initial interviews suggest the incident may have come from an internal employee.
In this first phase of the incident response process the incident response team must perform an incident review. Describe in detail each item below as part of the initial
investigative process only to be applied to this incident:
Step 1: Review of notes taken from user interviews
Step 2: Performing risk assessments
Step 3: Creating data collection checklists
Step 4: Creation of incident timelines and investigatory scope.
Step 5: Drafting of the forensics incident response plan
As part of your descriptions, provide the specific tasks that you need to perform for steps 1 through 5. In later Units we will discuss in detail the specific investigative
approach to identify, collect, preserve, analyze, and report on the incident.

Looking for a Similar Assignment? Our Experts can help. Use the coupon code SAVE30 to get your first order at 30% off!
%d bloggers like this: