Erinevus lehekülje "Malware:ITX8042:2014:LAB5" redaktsioonide vahel

Allikas: Kursused
Mine navigeerimisribale Mine otsikasti
(Uus lehekülg: '== LAB5 == ===Additional Reading + presentations!=== [ Presentation1] ===Assignment=== ==== Write an incident report.==== Intsident report template [http://lambda.ee/w/ima...')
 
10. rida: 10. rida:
 
==== Write an incident report.====
 
==== Write an incident report.====
  
Intsident report template [http://lambda.ee/w/images/1/1c/Turvaintsidendi_raporti_vorm_eng.doc  Turvaintsidendi_raporti_vorm_eng.doc]
+
Incident report template [http://lambda.ee/w/images/1/1c/Turvaintsidendi_raporti_vorm_eng.doc  Turvaintsidendi_raporti_vorm_eng.doc]
OR use   any other suitable template (Provide te orgin for template)
+
OR use any other suitable template (Provide the origin for the template)
 
   
 
   
  
=== Baseline for incidnet reporting  ===
+
=== Baseline for incident reporting  ===
  
* 4 different computers are infected  with  malware you found in lab 3   
+
* 4 different computers are infected  with  malware you found in lab 3   
(you can choose which computer is infected with witch malware.)
+
(you can freely choose which computers are infected with witch malware.)
 
* computers are located in different network segments  
 
* computers are located in different network segments  
* Company uses  2 different antivirus products Macafee and  Kasperski (brought with computers)   
+
* Company uses  2 different antivirus products McAfee and  Kaspersky (bought with computers)   
 
*[http://lambda.ee/w/images/1/14/4190827.png  Company network layout]
 
*[http://lambda.ee/w/images/1/14/4190827.png  Company network layout]
* Network consist clients with OS  windows xp sp3 , windows 8 , windows 7.
+
* Network consist of clients with OS  windows XP SP3, windows 8, windows 7.
  
  
27. rida: 27. rida:
 
=== Timeline ===
 
=== Timeline ===
  
* 6.oct.2014 17:00  User  Juhan Karu  notice that his computer  with win xp behaved in unusual way before shuting down machine.
+
* 6.oct.2014 17:00  User  Juhan Karu  notices that his computer  with win xp behaves in unusual way before shutting it down.
* 7.oct.2014 15:30  User Malle Maasikas  mentioned to passing administrator that antivirus warned here about website she visited  with here Win 7 machine.
+
* 7.oct.2014 15:30  User Malle Maasikas  mentioned that antivirus warned her about a website she visited  with a Win 7 machine.
* you should describe future time line as you imagine it.
+
* Describe the following timeline (Use your imagination)

Redaktsioon: 8. oktoober 2014, kell 15:53

LAB5

Additional Reading + presentations!

[ Presentation1]


Assignment

Write an incident report.

Incident report template Turvaintsidendi_raporti_vorm_eng.doc OR use any other suitable template (Provide the origin for the template)


Baseline for incident reporting

  • 4 different computers are infected with malware you found in lab 3

(you can freely choose which computers are infected with witch malware.)

  • computers are located in different network segments
  • Company uses 2 different antivirus products McAfee and Kaspersky (bought with computers)
  • Company network layout
  • Network consist of clients with OS windows XP SP3, windows 8, windows 7.


Timeline

  • 6.oct.2014 17:00 User Juhan Karu notices that his computer with win xp behaves in unusual way before shutting it down.
  • 7.oct.2014 15:30 User Malle Maasikas mentioned that antivirus warned her about a website she visited with a Win 7 machine.
  • Describe the following timeline (Use your imagination)
Pärit leheküljelt "http://courses.cs.taltech.ee/w/index.php?title=Malware:ITX8042:2014:LAB5&oldid=770"