FREE Trial

Iriss smartphone beeped. Frowning, she glanced at the screen, expecting to see another junk e-mail. Weve really

Question:

Iris’s smartphone beeped. Frowning, she glanced at the screen, expecting to see another junk e-mail.
“We’ve really got to do something about the spam!” she muttered to herself. She scanned the header of the message.

“Uh-oh!” Glancing at her watch and then looking at her incident response pocket card, Iris dialed the home number of the on-call systems administrator. When he answered, Iris asked “Seen the alert yet? What’s up?”
“Wish I knew—some sort of virus,” the SA replied. “A user must have opened an infected attachment.”
Iris made a mental note to remind the awareness program manager to restart the refresher training program for virus control. Her users should know better, but some new employees had not been trained yet.
“Why didn’t the firewall catch it?” Iris asked.
“It must be a new one,” the SA replied. “It slipped by the pattern filters.”
“What are we doing now?” Iris was growing more nervous by the minute.
“I’m ready to cut our Internet connection remotely, then drive down to the office and start our planned recovery operations—shut down infected systems, clean up any infected servers, recover data from backups, and notify our peers that they may receive this virus from us in our e-mail. I just need your go-ahead.”
The admin sounded uneasy. This was not a trivial operation, and he was facing a long night of intense work.
“Do it,” Iris said. “I’ll activate the incident response plan and start working the notification call list to get some extra hands in to help.” Iris knew this situation would be the main topic at the weekly CIO’s meeting. She just hoped her team would be able to restore the systems to safe operation quickly. She looked at her watch: 12:35 a.m.


Questions:

1. What can be done to minimize the risk of this situation recurring? Can these types of situations be completely avoided?
2. If you were in Iris’s position, once the timeline of events has been established, how would you approach your interaction with the second-shift operator?
3. How should RWW go about notifying its peers? What other procedures should Iris have the technician perform?
4. When would be the appropriate time to begin the forensic data collection process to analyze the root cause of this incident? Why?

Fantastic news! We've Found the answer you've been seeking!

Step by Step Answer:

Answer rating: 84% (13 reviews)

1 To minimize the risk of this situation recurring it is important to have a comprehensive security ...View the full answer


answer-question
Answered By
tutor-profile-image
Ann May Kilana
I have several years of experience tutoring students of all ages in a variety of subjects. I am particularly skilled in helping students understand and apply statistical concepts. I am patient and able to adapt my teaching style to meet the needs of each individual student. I am also available to answer any questions students may have outside of our scheduled tutoring sessions. I have developed strong relationships with the students I have tutored over the years, and I am confident that I can help any student improve their grades and understanding of the material.
0.00 0 Reviews 10+ Question Solved
Related Book For  answer-question
Management of Information Security

Management of Information Security

ISBN: 978-1285062297

4th Edition

Authors: Michael E. Whitman, Herbert J. Mattord

See More Books
Question Posted:
See More Questions

Students also viewed these Business questions

Grants Dissector 16th Edition - ISBN: 1496313801 - Free Book