Make sure to include all of the following:
An executive summary
A detailed timeline of the incident. Include details of the attack.
Any containment and eradication steps that you would have taken (e.g. would you have requested that the web server be restored from backup?). Document these steps as if you had taken them (e.g. "At 12:05pm the security team requested the web server be restored from the previous clean backup").
Financial impact
Include effort estimates for your investigation and the time resources from any other involved teams
Anything else you can think of that might have had financial impact
The numbers can be completely made up
Lessons learned
NOTE: I AM ATTACHING THE TEMPLATE. FOLLOW THAT TEMPLATE AND PROVIDE PROPER DETAILS ACCORDINGLY. PROVIDE ALL THE HEADINGS AS THEY ARE AVAILABLE IN THE TEMPLATE. I WILL ALSO PROVIDE MY TIMELINE THAT YOU CAN USE FOR THE TIMELINE SECTION.
TIMELINE:
07/Nov/2016:14:59:46 First login attempt.
06/Dec/2016:17:29:13 First login attempt was successful.
06/Dec/2016:17:29:17 Plugin file modified.
09/Dec/2016:12:30:41 Plugin file modified for the second time after second login attempt.
10/Dec/2016:04:20:20 Plugin file modified for the third time after third login attempt.
15/Dec/2016:11:00:00 SOC received complaint from Computer Science department.
05/Jan/2017:13:00:00 Impact was identified.
11/Jan/2017:11:29:00 Upgraded WordPress version to fix the vulnerability.