HomeworkLib
Question

A computer emergency response team is called at midnight to investigate a case in which a...

A computer emergency response team is called at midnight to investigate a case in which a mail server was restarted. After an initial investigation, it was discovered that email is being exfiltrated through an active connection. Which of the following is the NEXT step the team should take?

  • Identify the source of the active connection

  • Perform eradication of the active connection and recover

  • Perform a containment procedure by disconnecting the server

  • Format the server and restore its initial configuration

engineering   Computer-Science   
0 0
Add a comment Improve this question Transcribed image text
Next > < Previous
Sort answers by oldest

Homework Answers

Answer #1

Answer: Identify the source of the active connection

The source of the active connection should be identified first.

It may be possible that the source is a trusted source, in such case the source should be kept connected.

If the connected source is found to be non-trusted the connection should be terminated as soon as possible.

Also, the source should be blocked from any future connection to the mail server.

0 0
Add a comment
Know the answer?
Add Answer to:
A computer emergency response team is called at midnight to investigate a case in which a...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions

  • Suppose a large aerospace engineering firm has immediately hired you as a consultant to investigate a...

    Suppose a large aerospace engineering firm has immediately hired you as a consultant to investigate a potential violation of corporate policy and data theft. You have been informed that an employee may have been using corporate email to send confidential corporate information to one or more personal email accounts, which may or may not belong to him. You have been told that this action has been happening each business day for the last 13 days and the employee is unaware...

  • I have this case study to solve. i want to ask which type of case study...

    I have this case study to solve. i want to ask which type of case study in this like problem, evaluation or decision? if its decision then what are the criterias and all? Stardust Petroleum Sendirian Berhad: how to inculcate the pro-active safety culture? Farzana Quoquab, Nomahaza Mahadi, Taram Satiraksa Wan Abdullah and Jihad Mohammad Coming together is a beginning; keeping together is progress; working together is success. - Henry Ford The beginning Stardust was established in 2013 as a...

  • First, read the article on "The Delphi Method for Graduate Research." ------ Article is posted below...

    First, read the article on "The Delphi Method for Graduate Research." ------ Article is posted below Include each of the following in your answer (if applicable – explain in a paragraph) Research problem: what do you want to solve using Delphi? Sample: who will participate and why? (answer in 5 -10 sentences) Round one questionnaire: include 5 hypothetical questions you would like to ask Discuss: what are possible outcomes of the findings from your study? Hint: this is the conclusion....

ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT