Closed

Cyber Security Use Case

We’re looking for a set of use cases (threat scenarios) written around the current issues/risks faced by small/medium sized businesses in regard to opening up their networks for remote connectivity. What the forced shift to remote working means for the cyber threat landscape.

We would like this to take the format of 5 detailed/technical blog posts or similar (as below).

Potential E-Mail Spam Malware / Large volume of emails sent from single address in a short timeframe or large volume of non-deliverable emails

This scenario can indicate malware hijacking mailboxes, causing a significant amount of spam/malicious emails to be sent from a user’s mailbox.

Actions:

Speak to the user whose address has been potentially compromised to determine whether they are aware of the situation. If they are not aware, halt any outgoing mail from the exchange server from their mailbox and investigate their profile for any malware artifacts.

Correlation:

Mail transfer agent (MTA) or mail relay software logs will be correlated to detect bandwidth threshold-based alerts, threshold-based alerts and anomaly-based alerts. Matches will raise a correlated event/alert.

Event Sources:

Mail transfer agents, Firewalls, IDS/IPS, Antivirus / Malware solutions

Step 1: Preparation

This action can indicate potential bots sending spam from an internal host. For this to happen, the system must have been previously compromised. Technicians should be able to have access to AD or have up-to-date lists of contacts of all assets and staff information. Being able to quickly contact a user or the person in charge of a server is the key to being effective. IT Response Team should have knowledge of Anti-Botnet remediation best practices.

Step 2: Identification

The crucial goal is to determine which host is infected and sending an email. There are several symptoms which often manifest shortly after botnet infiltration as the compromised machine begins executing its instructions. Awareness of these symptoms can aid in early botnet detection. In action, bots are essentially backdoor Trojans. Look for unexpected IRC traffic from internal hosts. The port being used for IRC traffic may even be a non-standard IRC port (6666, 6667...) Run a complete IP check for sending Mail servers.

Step 3: Containment

Speak to the user whose address has been potentially compromised to determine whether they are aware of the situation. If they are not aware, halt any outgoing mail from the exchange server from their mailbox and investigate their profile for any malware artefacts. A good practice is only to allow mail traffic between the server and the internet. This is usually done by restricting communication to standard ports such as 25, 465 and 587.

Step 4: Eradication

Like most of the newer forms of malware, bots can be hard to detect and even harder to remove. Methods can be tool based or manual. Depending on the remediator’s infrastructure and line of businesses, their respective may differ substantially.

Step 5: Recovery

To recover from a computer virus infection or to prevent future infections from malware or computer viruses, use a reliable antivirus. Check if you already have antivirus software installed; many operating systems bring their preinstalled security tools. Identify and track servers, keep a patch maintenance policy and follow post-patch security best practices.

Please note that these services do not remove malware, generally only removing the infection manually and rebuilding the site from backup can do that.

Step 6: Lessons Learned

Implement security awareness policies for employees and end users. Install virus-checking software and update it regularly. Use security software to block or disable potentially harmful applications. Malware is often a component of advanced multi-stage attacks. Configure your firewalls to send email notifications, SNMP Traps and syslog.

Skills: Computer Security, Network Security, Internet Security, Technical Writing, Compliance


About the employer:
(0 reviews) Gerrards Cross, United Kingdom

Project ID: #24587990
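
The "Correlation" paragraph in the brief above describes threshold-based alerts over MTA logs for high send volume and high non-deliverable volume from a single address. A sketch of that check follows, as an added example that is not part of the original posting. The log format, the addresses, the five-minute window and both thresholds are assumptions chosen for illustration, and the sample log is constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed, simplified log format (an assumption, not any MTA's real format):
#   <ISO timestamp> from=<sender> to=<recipient> status=<sent|bounced>
LINE_RE = re.compile(r"^(\S+) from=<([^>]+)> to=<[^>]*> status=(\w+)$")

def parse(line):
    """Return (timestamp, sender, status), or None for a line that does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return datetime.fromisoformat(m.group(1)), m.group(2).lower(), m.group(3)

def detect(lines, window=timedelta(minutes=5), max_sent=20, max_ndr=5):
    """Map sender -> reasons ("volume", "ndr") for senders that exceed a threshold
    inside any sliding window. Lines must be in time order."""
    sent, ndr, alerts = defaultdict(deque), defaultdict(deque), defaultdict(set)
    for ts, sender, status in filter(None, map(parse, lines)):
        checks = [("volume", sent[sender], max_sent)]
        if status == "bounced":
            checks.append(("ndr", ndr[sender], max_ndr))
        for reason, dq, limit in checks:
            dq.append(ts)
            while ts - dq[0] > window:   # drop events older than the window
                dq.popleft()
            if len(dq) > limit:
                alerts[sender].add(reason)
    return dict(alerts)

def sample_log():
    """Constructed sample: bob bursts 30 mails in one minute (8 bounce),
    carol sends 25 mails spread over six hours."""
    base = datetime(2024, 1, 15, 9, 0, 0)
    rows = []
    for i in range(30):
        status = "bounced" if i % 4 == 0 else "sent"
        rows.append((base + timedelta(seconds=2 * i), "bob@corp.example", status))
    for i in range(25):
        rows.append((base + timedelta(minutes=15 * i), "carol@corp.example", "sent"))
    rows.sort()
    return [f"{t.isoformat()} from=<{s}> to=<rcpt{n}@ext.example> status={st}"
            for n, (t, s, st) in enumerate(rows)]

if __name__ == "__main__":
    for sender, reasons in detect(sample_log()).items():
        print(sender, sorted(reasons))
```

Only the burst sender is flagged; the sender with a similar total spread across the day stays under both thresholds, which is why the count is windowed rather than taken per day.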

26 freelancers are bidding on average £146 for this job

rozeny2k

Hi. I am an IT Security expert and an experienced technical writer with an MS in Computer Science and Engineering. I have a very good understanding on security compliances such as PCI DSS, ISO 27000 series, NIST, HIPAA

£200 GBP in 7 days
(194 reviews)
7.3
rohan24692

I have done PhD in cyber security and networking and have been helping clients from all over the world on diverse research topics. Can deliver a great quality job as I have been into academic research (aware of differ

£225 GBP in 2 days
(110 reviews)
5.9
enlightenwritin1

Hello, I am expert in cyber security as I have completed many projects on cyber security. I have 7 years of research and writing experience and have worked on PhD level thesis projects, published papers in peer reviewe

£250 GBP in 7 days
(81 reviews)
6.1
charleslimnet

I have a Bachelor’s degree in computer science and diploma in B.I.T with 8 years’ experience in academic, articles, reports & technical writing experience. As pertains to this project, I have read and understood all th

£200 GBP in 5 days
(75 reviews)
5.8
mubashirabbas07

Hello, I am Cyber Security Expert with 6 years of experience and ready to complete this project because I have great skills set practical and working in Security Operation Center. That's why I am perfect for this proje

£350 GBP in 4 days
(53 reviews)
5.7
gauravsaggi

Dear Sir/Madam, I have Completed 1070+ LEGAL projects on Freelancer related to CONTRACTS, PATENTS, TERMS OF SERVICE, PRIVACY POLICY, LEGAL RESEARCH and IT LAW. I have drafted a lot of customized Cases for my client

£150 GBP in 3 days
(43 reviews)
5.6
muturi123

Dear customer, I confidently express my desire to work on this paper as I am committed to provide you with the best possible services including plagiarism free work, timely delivery and of course, excellent quality.

£135 GBP in 1 day
(42 reviews)
5.3
PremiumSolution

I can help you in cyber security case. Please tell me the deadline. I assure you quality work as per your given deadline. I can provide you with a guarantee of plagiarism free work. I am producing quality content for m

£20 GBP in 7 days
(87 reviews)
5.5
tutor23297

Hello, I have gone through your project description and I can confirm that I am deem fit to deliver it as expected. I have a strong attention to detail and I can guarantee you quality work analysing the case study. i

£55 GBP in 1 day
(41 reviews)
4.8
premiumwriters12

I am a Professional writer with seven years of experience. I hold an M B A and first Degree in Economic which provides me with the necessary background to handle your projects. The 100% client satisfaction is my priori

£60 GBP in 1 day
(51 reviews)
5.2
rainbow

I am system architecture designer and UML model designer I will write use cases Please send details of work to be done

£135 GBP in 7 days
(21 reviews)
5.0
sixpl

Hi, I have read the description. Here are some of my SAMPLES: [login to view URL] [login to view URL] [login to view URL]

£135 GBP in 3 days
(7 reviews)
3.8
johnwanjiku

Hello. I have seen your project and I am really interested in working with you. I am a professional writer with experience in cryptography. Digital cryptography plays a key role as a public key for the user etc https://

£20 GBP in 7 days
(10 reviews)
3.7
kelvinm094

Greetings, This is Kelvin here, an expert in Cyber Security. Please invite me for a chat and we shall discuss more. Regards Kelvin.

£100 GBP in 5 days
(12 reviews)
3.9
Randyvc

Hi My name is Randy, I'm a Cybersecurity expert based in Costa Rica. My usual schedule is from 7 am to 9 pm GMT-6 but I can be flexible as needed. I'm very interested in your project, I'm skilled in what you are lo

£200 GBP in 20 days
(5 reviews)
2.0
Expertshut

I am an experienced writer having 3 years of experience in writing field and I can provide you help in Academic writing, Blogs & Business writing, Assignments and Homework. I will provide you 100% PLAGIARISM FREE cont

£20 GBP in 1 day
(1 review)
0.8
franklinkikundi6

Hello, I'm a good technical writer, research writer and business plan too, including market research paper, I also write articles and contents. I will be glad to help you write your research paper in case study based o

£21 GBP in 1 day
(1 review)
0.7
DerrickMathis

Hello, I can provide you perfect work as you looking for. We can discuss more in chat. I will be waiting for your response. I have very great experience about your project, if you want discuss more please send me

£135 GBP in 7 days
(0 reviews)
0.0
Writerollogy

I will help you with Cyber Security Use Case I assure you to accomplish your task within time with Least prices, Deadline and quality is my first priority. I have 6-7 years of experience in a vast range of exception

£135 GBP in 7 days
(1 review)
0.2
kada22ak

hey I am a professional information security engineer I can deliver your project on the time with the accurate results

£88 GBP in 2 days
(0 reviews)
0.0