Background A Vandaly server is also experiencing brute force attacks into their administrator account Management would like you to set up monitoring to notify the SOC team if a brute force attack occurs again Task Analyze administrator logs that document a brute force attack Then, create a baseline of the ordinary amount of administrator bad logins and determine a threshold to indicate if a brute force attack is occurring Upload the administrator login logs Admin Logins When did the brute force attack occur Hints Look for the name field to find failed logins Note the attack lasted several hours Determine a baseline of normal activity and a threshold that would alert if a brute force attack is occurring Design an alert to check the threshold every hour and email the SOC team at SOC vandalay com if triggered

The Answer is in the image, click to view ...

Question: Background: A Vandaly server is also experiencing brute force attacks into their administrator account. Management would like you to set up monitoring to notify the

Background: A Vandaly server is also experiencing brute force attacks into their administrator account. Management would like you to set up monitoring to notify the SOC team if a brute force attack occurs again.

Task: Analyze administrator logs that document a brute force attack. Then, create a baseline of the ordinary amount of administrator bad logins and determine a threshold to indicate if a brute force attack is occurring.

Upload the administrator login logs.
- Admin Logins
When did the brute force attack occur?
- Hints:
  - Look for the name field to find failed logins.
  - Note the attack lasted several hours.
  - Determine a baseline of normal activity and a threshold that would alert if a brute force attack is occurring. -Design an alert to check the threshold every hour and email the SOC team at SOC@vandalay.com if triggered.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

this is my assessment which are am going to send you and i need some things about my assessment : Adding some more detail and diving into the case study a bit deeper would really make your points...

PROJ6000: Principles of Project Management Assessment Assessment 2 - this is actually a case study and its called a Individual Report: PMBoK versus PRINCE2 or Agile in contemporary projects . so one...

PROJ6000: Principles of Project Management Assessment 3 - Project Charter Report. Length 2,000 words (+/- 10%) Task Summary After reading the project case study, use it to develop a 2,000-word...

1. Read the case study below. This will form the basis for your Project Charter, because you will assume that you are the project manager for this project. 2. After reading the case study, begin to...

INTERNATIONAL REVIEW OF L AW C OMPUTERS & TECHNOLOGY , VOLUME 11, N UMBER 2, P AGES 251-261, 1997 The Data Mart: A New Approach to Data Warehousing PAM ELA PIPE Introduction Vendors have recently...

1. Read the case study provided below. This will form the basis for your Project Charter, because you will assume that you are the project manager for this project. 2. After reading the case study,...

Sheffield Corp. will receive $26000 today (January 1, 2017), and also on each January 1st for the next five years (2018 2022). What is the present value of the six $26000 receipts, assuming a 11%...

Explain the difference between intramodal and intermodal competition in the railroad industry. Which form of competition is most beneficial to shippers? Why?

The Fair Credit Reporting Act ( FCRA ) requires that credit bureaus remove obsolete bankruptcy filings from credit reports. A bankruptcy filing is considered to be obsolete after Multiple Choice 7...

Monterey Co. makes and sells a single product. The current selling price is $18 per unit. Variable expenses are $10.8 per unit, and fixed expenses total $35,880 per month. Management is considering a...

4. Develop a self-directed learning module.

2. Provide recommendations for effective on-the-job training.

4. The article discusses the use of video gaming by Cold Stone and Canon. How would you evaluate the effectiveness of video gaming (choose either Cold Stone or Canon)? What outcomes would you...