INCIDENT RESPONSE - BEST PRACTICES FOR COMMON ATTACK SCENARIOS - PowerPoint PPT Presentation

About This Presentation

Title: INCIDENT RESPONSE - BEST PRACTICES FOR COMMON ATTACK SCENARIOS

Description: In this guide by InfoSecTrain, discover effective strategies for incident response in the face of common cyber threats. It covers cybersecurity best practices, incident response frameworks, and expert insights to mitigate the risks posed by malware, phishing, and DDoS attacks. Equip your team with the knowledge to detect, contain, and eradicate threats swiftly, ensuring a resilient security posture.

Slides: 9
Provided by: infosectrain01

Transcript and Presenter's Notes

Slide 1: INCIDENT RESPONSE
BEST PRACTICES FOR COMMON ATTACK SCENARIOS
www.infosectrain.com
Slide 2: BRUTE FORCING

INVESTIGATION
01 Analyze Active Directory, application, and operating system logs for multiple login failures.
02 Contact the user to confirm whether the login attempts are legitimate.

ACTIONS
01 If unauthorized activity is confirmed, disable the account.
02 Investigate and block the attacker's IP address.
03 Implement account lockout policies to prevent brute-force attacks.
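The investigation step above, worked as an added example (this code is not part of the InfoSecTrain deck): a Python script that parses a constructed, simplified export of Windows Security logon events (4625 = failed logon, 4624 = successful logon; the line format, accounts and addresses are made up for illustration) and reports three things an analyst needs before taking the actions on the slide: sources hammering one account, sources spraying a single guess across many accounts, and source/account pairs where a success follows the failure burst. The spraying check matters because a per-account lockout policy never triggers when each account sees only one or two failures.

```python
"""Brute-force triage over failed-logon events (added example, constructed data)."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in a simplified Windows Security export format:
#   <timestamp> <event id> user=<account> src=<client IP>
# 4625 = failed logon, 4624 = successful logon. Not real log data.
SAMPLE_LOG = """\
2024-03-05T09:00:01Z 4625 user=jsmith src=203.0.113.7
2024-03-05T09:00:03Z 4625 user=jsmith src=203.0.113.7
2024-03-05T09:00:05Z 4625 user=jsmith src=203.0.113.7
2024-03-05T09:00:08Z 4625 user=jsmith src=203.0.113.7
2024-03-05T09:00:11Z 4625 user=jsmith src=203.0.113.7
2024-03-05T09:00:14Z 4625 user=jsmith src=203.0.113.7
2024-03-05T09:00:20Z 4624 user=jsmith src=203.0.113.7
2024-03-05T09:10:00Z 4625 user=a.lee src=198.51.100.22
2024-03-05T09:10:05Z 4625 user=b.kim src=198.51.100.22
2024-03-05T09:10:10Z 4625 user=c.nair src=198.51.100.22
2024-03-05T09:10:15Z 4625 user=d.ortiz src=198.51.100.22
2024-03-05T09:10:20Z 4625 user=e.park src=198.51.100.22
2024-03-05T09:10:25Z 4625 user=f.rossi src=198.51.100.22
2024-03-05T09:10:30Z 4625 user=g.chen src=198.51.100.22
2024-03-05T09:10:35Z 4625 user=h.weber src=198.51.100.22
2024-03-05T09:30:00Z 4625 user=mgarcia src=10.0.0.15
2024-03-05T09:30:09Z 4625 user=mgarcia src=10.0.0.15
2024-03-05T09:30:15Z 4624 user=mgarcia src=10.0.0.15
"""

LINE_RE = re.compile(r"(?P<ts>\S+) (?P<event>\d{4}) user=(?P<user>\S+) src=(?P<src>\S+)")


def parse_log(text):
    """Parse the sample format into dicts sorted by timestamp; other lines are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            records.append({
                "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
                "event": int(m["event"]),
                "user": m["user"],
                "src": m["src"],
            })
    return sorted(records, key=lambda r: r["ts"])


def max_in_window(times, window):
    """Largest number of (sorted) timestamps that fall inside any single window."""
    best, j = 0, 0
    for i, t in enumerate(times):
        while t - times[j] > window:
            j += 1
        best = max(best, i - j + 1)
    return best


def analyze(records, window=timedelta(minutes=5), fail_threshold=5, spray_threshold=5):
    """Return three findings (thresholds are assumptions, tune to your baseline):
    guessing: (src, user) pairs with >= fail_threshold failures inside one window
    spraying: sources that hit >= spray_threshold distinct accounts inside one window
              (each account sees only a failure or two, so account lockout never fires)
    success_after_failures: flagged pairs that later logged on successfully,
              i.e. the guessing most likely worked and the account must be treated as compromised
    """
    fails_by_pair = defaultdict(list)
    fails_by_src = defaultdict(list)
    successes = defaultdict(list)
    for r in records:
        if r["event"] == 4625:
            fails_by_pair[(r["src"], r["user"])].append(r["ts"])
            fails_by_src[r["src"]].append(r)
        elif r["event"] == 4624:
            successes[(r["src"], r["user"])].append(r["ts"])

    guessing = {}
    for pair, times in fails_by_pair.items():
        n = max_in_window(times, window)
        if n >= fail_threshold:
            guessing[pair] = n

    spraying = {}
    for src, recs in fails_by_src.items():  # recs are in timestamp order
        best = 0
        for i, r in enumerate(recs):
            accounts = {x["user"] for x in recs[i:] if x["ts"] - r["ts"] <= window}
            best = max(best, len(accounts))
        if best >= spray_threshold:
            spraying[src] = best

    success_after_failures = sorted(
        pair for pair in guessing
        if any(t > fails_by_pair[pair][0] for t in successes.get(pair, []))
    )
    return {"guessing": guessing, "spraying": spraying,
            "success_after_failures": success_after_failures}


if __name__ == "__main__":
    for kind, hits in analyze(parse_log(SAMPLE_LOG)).items():
        print(kind, hits)
```

On the sample data the script flags 203.0.113.7 for guessing jsmith's password (six failures then a success, so the account goes to the compromised-account playbook), flags 198.51.100.22 for spraying eight accounts, and leaves mgarcia's two mistyped passwords alone. Lockout policies also give an attacker a way to lock legitimate users out by design, so pair them with source-based blocking rather than relying on them alone.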

Slide 3: BOTNETS

INVESTIGATION
01 Monitor network traffic for connections to suspicious IPs.
02 Check OS logs for new or suspicious processes.
03 Contact the server owner and support team for information.

ACTIONS
01 Identify and remove malicious processes.
02 Fix the vulnerabilities by applying the necessary patches.
03 Isolate the affected server to prevent further malicious activity.

Slide 4: RANSOMWARE

INVESTIGATION
01 Check for anti-virus alerts and malware indicators.
02 Monitor network traffic for connections to suspicious IPs.

ACTIONS
01 Request anti-virus checks and initiate a malware scan.
02 Isolate the infected machine to prevent further spread.
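Both the botnet slide and the ransomware slide above ask for network traffic to be monitored for connections to suspicious IPs. As an added example that is not part of the original deck, the Python below does that in two ways over a constructed connection log: it matches destinations against an IOC list, and it looks for beaconing, the regular call-home interval a bot or a ransomware loader shows even before its command-and-control address appears on any list. The hosts, addresses and IOC list are made up (documentation ranges), as is the 10-minute-long sample.

```python
"""Beacon and IOC detection over connection logs (added example, constructed data)."""
import statistics
from collections import defaultdict

# Constructed IOC list; a real one would come from your threat-intel feed.
SUSPICIOUS_IPS = {"203.0.113.50", "198.51.100.200"}

# Constructed connection records: (epoch seconds, source host, destination IP, port)
BASE = 1709629200  # 2024-03-05T09:00:00Z
CONNECTIONS = []
# A bot on 10.0.0.23 calls 198.51.100.77:443 about once a minute with slight jitter.
for i in range(12):
    CONNECTIONS.append((BASE + 60 * i + (i % 3) - 1, "10.0.0.23", "198.51.100.77", 443))
# The same host makes a one-off contact with an address on the IOC list.
CONNECTIONS.append((BASE + 400, "10.0.0.23", "203.0.113.50", 8080))
# Ordinary browsing from another host: bursty, irregular gaps, should not be flagged.
for off in (0, 3, 5, 40, 41, 300, 302, 900):
    CONNECTIONS.append((BASE + off, "10.0.0.40", "93.184.216.34", 443))


def find_beacons(conns, min_count=6, max_cv=0.2):
    """Flag (src, dst, port) triples whose inter-connection gaps are nearly constant.
    The coefficient of variation (stdev / mean of the gaps) is close to 0 for a
    timer-driven beacon and large for human-driven traffic. Thresholds are assumptions."""
    by_triple = defaultdict(list)
    for ts, src, dst, port in conns:
        by_triple[(src, dst, port)].append(ts)
    beacons = []
    for (src, dst, port), times in by_triple.items():
        if len(times) < min_count:
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        cv = statistics.pstdev(gaps) / mean if mean else float("inf")
        if cv <= max_cv:
            beacons.append({"src": src, "dst": dst, "port": port, "count": len(times),
                            "period_s": round(mean), "cv": round(cv, 3)})
    return beacons


def find_ioc_hits(conns, iocs):
    """(src, dst) pairs where the destination is on the IOC list."""
    return sorted({(src, dst) for _, src, dst, _ in conns if dst in iocs})


def hosts_to_isolate(conns, iocs):
    """Internal hosts that either beacon or talk to a known-bad address."""
    hosts = {b["src"] for b in find_beacons(conns)}
    hosts |= {src for src, _ in find_ioc_hits(conns, iocs)}
    return sorted(hosts)


if __name__ == "__main__":
    print("beacons:", find_beacons(CONNECTIONS))
    print("ioc hits:", find_ioc_hits(CONNECTIONS, SUSPICIOUS_IPS))
    print("isolate:", hosts_to_isolate(CONNECTIONS, SUSPICIOUS_IPS))
```

The beacon check catches 10.0.0.23 calling 198.51.100.77 every 60 seconds even though that address is not on the IOC list; the browsing host is not flagged because its gaps vary too much. In practice isolate the host first (the containment step the slides list last) and only then hunt for and remove the process, so the evidence and the infection stay where they are.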
Slide 5: DATA EXFILTRATION

INVESTIGATION
01 Monitor network traffic for abnormally high traffic patterns using DLP.
02 Check proxy logs and OS logs for unusual activity.

ACTIONS
01 If a rogue employee is suspected, contact their manager for an internal investigation.
02 If it is an external threat, isolate the compromised machine and disconnect it from the network.
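"Abnormally high traffic patterns" only means something against a per-user baseline, which is what a DLP or proxy-log review actually computes. As an added example (not part of the original deck), the Python below sums bytes sent upstream per user and day from constructed proxy records, builds a robust baseline from the previous seven days (median and MAD, so one earlier large day does not hide a new one), and reports users whose volume on the day under investigation is far outside it, together with the destination that received most of it. Users, hosts and byte counts are invented; the thresholds are assumptions.

```python
"""Outbound-volume anomaly detection from proxy logs (added example, constructed data)."""
import statistics
from collections import defaultdict

HISTORY_DAYS = [f"2024-03-0{d}" for d in range(1, 8)]  # seven-day baseline window
TODAY = "2024-03-08"                                    # day under investigation

# Constructed proxy records: (date, user, destination host, bytes sent upstream).
PROXY_LOG = []
_RDOE = [5_100_000, 4_900_000, 5_300_000, 5_000_000, 4_800_000, 5_200_000, 5_050_000]
_TKAY = [48_000_000, 52_000_000, 50_000_000, 49_000_000, 51_000_000, 47_000_000, 53_000_000]
for _day, _rb, _tb in zip(HISTORY_DAYS, _RDOE, _TKAY):
    PROXY_LOG.append((_day, "r.doe", "mail.example.com", _rb))
    PROXY_LOG.append((_day, "t.kay", "crm.example.com", _tb))
PROXY_LOG += [
    (TODAY, "r.doe", "mail.example.com", 20_000_000),
    (TODAY, "r.doe", "files.example.net", 2_380_000_000),  # 2.4 GB to a file-sharing host
    (TODAY, "t.kay", "crm.example.com", 55_000_000),        # a normal busy day
]


def daily_outbound(records):
    """Total bytes sent per (user, date)."""
    totals = defaultdict(int)
    for date, user, _, sent in records:
        totals[(user, date)] += sent
    return totals


def robust_zscore(value, history):
    """Distance of value from the history's median, in MAD units (1.4826 * MAD ~ one
    standard deviation for normal data). A flat history falls back to a scale of 1."""
    med = statistics.median(history)
    mad = statistics.median(abs(x - med) for x in history)
    scale = 1.4826 * mad if mad else 1.0
    return (value - med) / scale


def find_exfil_candidates(records, day, history_days, z_threshold=10.0, min_bytes=100_000_000):
    """Users whose outbound volume on `day` is both large in absolute terms and far
    outside their own baseline; includes the destination that received the most."""
    totals = daily_outbound(records)
    findings = []
    for user in sorted({u for u, _ in totals}):
        history = [totals.get((user, d), 0) for d in history_days]
        today = totals.get((user, day), 0)
        z = robust_zscore(today, history)
        if today >= min_bytes and z >= z_threshold:
            dests = defaultdict(int)
            for date, u, host, sent in records:
                if u == user and date == day:
                    dests[host] += sent
            findings.append({"user": user, "bytes": today, "z": round(z, 1),
                             "top_dest": max(dests, key=dests.get)})
    return findings


if __name__ == "__main__":
    for f in find_exfil_candidates(PROXY_LOG, TODAY, HISTORY_DAYS):
        print(f)
```

The result names r.doe, 2.4 GB on a day whose baseline is about 5 MB, most of it to files.example.net, which is the lead an analyst takes to the manager (insider) or to containment (external). t.kay's 55 MB is within normal variation and stays quiet; without the absolute minimum a user with a very flat baseline would be flagged for a few extra megabytes.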
Slide 6: COMPROMISED ACCOUNT

INVESTIGATION
01 Analyze Active Directory logs, OS logs, and network traffic for indicators of a compromised account.
02 Contact the user for additional information.

ACTIONS
01 If a compromised account is confirmed, disable the account and reset its password.
02 Conduct a forensic investigation to determine the extent of the breach.
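One of the most reliable "indicators of a compromised account" in Active Directory logon data is impossible travel: two logons by the same account from places too far apart for the time between them. As an added example (not part of the original deck), the Python below computes that from constructed logon events. The GeoIP lookup is a hand-written dictionary standing in for a real database, the accounts and addresses are invented, and the 900 km/h cut-off (roughly airliner speed) is an assumption.

```python
"""Impossible-travel detection for account compromise (added example, constructed data)."""
from collections import defaultdict
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

# Constructed logon events: (timestamp, account, source IP).
LOGONS = [
    ("2024-03-05T08:05:00Z", "p.singh", "203.0.113.10"),
    ("2024-03-05T09:10:00Z", "p.singh", "198.51.100.33"),
    ("2024-03-05T08:00:00Z", "m.ali", "192.0.2.5"),
    ("2024-03-05T13:00:00Z", "m.ali", "192.0.2.77"),
    ("2024-03-05T14:00:00Z", "m.ali", "192.0.2.77"),
]

# Constructed stand-in for a GeoIP lookup: ip -> (city, latitude, longitude).
GEO = {
    "203.0.113.10": ("London", 51.5074, -0.1278),
    "198.51.100.33": ("Sao Paulo", -23.5505, -46.6333),
    "192.0.2.5": ("Berlin", 52.5200, 13.4050),
    "192.0.2.77": ("Paris", 48.8566, 2.3522),
}


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres (Earth radius 6371 km)."""
    lat1, lon1, lat2, lon2 = map(radians, (lat1, lon1, lat2, lon2))
    a = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))


def impossible_travel(logons, geo, max_kmh=900.0):
    """Flag consecutive logons by one account that would need travel faster than max_kmh.
    Returns one finding per offending pair; logons from unknown locations are skipped."""
    by_user = defaultdict(list)
    for ts, user, ip in logons:
        by_user[user].append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip))
    findings = []
    for user, events in by_user.items():
        events.sort()
        for (t1, ip1), (t2, ip2) in zip(events, events[1:]):
            if ip1 not in geo or ip2 not in geo:
                continue  # cannot reason about travel without a location
            city1, la1, lo1 = geo[ip1]
            city2, la2, lo2 = geo[ip2]
            km = haversine_km(la1, lo1, la2, lo2)
            hours = (t2 - t1).total_seconds() / 3600
            if hours > 0:
                speed = km / hours
            else:
                speed = float("inf") if km > 0 else 0.0  # same instant, different place
            if speed > max_kmh:
                findings.append({"user": user, "from": (city1, ip1), "to": (city2, ip2),
                                 "km": round(km), "hours": round(hours, 2), "kmh": round(speed)})
    return findings


if __name__ == "__main__":
    for f in impossible_travel(LOGONS, GEO):
        print(f)
```

p.singh logs on from London and 65 minutes later from Sao Paulo, about 9,500 km away, which no flight covers; that account goes to the actions on the slide. m.ali's Berlin-to-Paris move over five hours is ordinary travel and the repeated Paris logon is zero distance, so neither is flagged. Corporate VPN egress points and mobile carriers can produce false positives, so the finding is a lead to confirm with the user, not a verdict.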
Slide 7: DENIAL OF SERVICE

INVESTIGATION
01 Monitor network traffic for abnormally high traffic.
02 Review firewall logs and OS logs for signs of the attack.

ACTIONS
01 If the DoS is due to vulnerabilities, contact the patching team to remediate them.
02 Enable redundancy and failover for uninterrupted service during an attack.
03 For a network traffic-induced attack, contact network support or the ISP, and refrain from disclosing sensitive information too quickly.
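The slide's two branches (block at the firewall yourself versus engage network support or the ISP) turn on one question the firewall logs can answer: does the excess traffic come from a handful of sources or from thousands? As an added example that is not part of the original deck, the Python below buckets constructed firewall records into 10-second windows, compares the worst window with a baseline from the first minute, and reports how much of the flood the top ten sources account for. The records, addresses and thresholds are all invented for illustration.

```python
"""Request-rate and source-spread analysis from firewall logs (added example, constructed data)."""
from collections import Counter


def build_sample(distributed=True):
    """Constructed firewall accepts: (epoch second, source IP, destination port).
    First 60 s: about 5 req/s from 20 office addresses. Next 30 s: 200 req/s flood,
    from 200 sources (distributed=True) or from just 2 (distributed=False)."""
    recs = []
    for s in range(60):
        for k in range(5):
            recs.append((s, f"192.0.2.{(s + k) % 20}", 443))
    spread = 200 if distributed else 2
    for s in range(60, 90):
        for k in range(200):
            recs.append((s, f"203.0.113.{(s * 7 + k) % spread}", 443))
    return recs


SAMPLE = build_sample()


def rate_per_window(recs, window_s=10):
    """Request count per window_s bucket, keyed by bucket index in time order."""
    buckets = Counter(ts // window_s for ts, _, _ in recs)
    return dict(sorted(buckets.items()))


def classify_flood(recs, window_s=10, baseline_windows=6, factor=5.0, top_n=10):
    """Compare every window against the mean of the first `baseline_windows`.
    If the busiest window exceeds `factor` times the baseline, describe it: request
    rate, number of distinct sources and the share of traffic from the top_n sources.
    A few dominant sources can be blocked on the perimeter; a flood spread across many
    needs upstream filtering by the ISP. Thresholds are assumptions."""
    buckets = rate_per_window(recs, window_s)
    keys = list(buckets)
    head = keys[:baseline_windows]
    baseline = sum(buckets[k] for k in head) / len(head)
    peak = max(keys, key=buckets.get)
    if buckets[peak] < factor * baseline:
        return {"attack": False, "baseline_rps": baseline / window_s}
    srcs = Counter(src for ts, src, _ in recs if ts // window_s == peak)
    top_share = sum(n for _, n in srcs.most_common(top_n)) / sum(srcs.values())
    return {
        "attack": True,
        "window_start": peak * window_s,
        "baseline_rps": baseline / window_s,
        "peak_rps": buckets[peak] / window_s,
        "distinct_sources": len(srcs),
        "top_share": round(top_share, 2),
        "response": ("block top sources at the firewall" if top_share > 0.8
                     else "distributed flood: engage network support / ISP for upstream filtering"),
    }


if __name__ == "__main__":
    print(classify_flood(SAMPLE))
    print(classify_flood(build_sample(distributed=False)))
```

With the distributed sample the peak window runs at 200 req/s against a 5 req/s baseline, spread over 200 sources with the top ten carrying 5% of it, so blocking addresses one by one is pointless and the ISP branch applies. With the two-source variant the same rate comes entirely from two addresses and a perimeter block ends it. Either way the redundancy and failover on the slide buy the time this analysis takes.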

Slide 8: FOUND THIS USEFUL?
Get more insights through our free courses, workshops, eBooks, checklists and mock tests.