Malware:ITX8042:2014:LAB5

Allikas: Kursused
Mine navigeerimisribale Mine otsikasti

LAB5

Additional Reading + presentations!

Presentation1


Assignment

Write an incident report.

Incident report template Turvaintsidendi_raporti_vorm_eng.doc OR use any other suitable template (Provide the origin for the template)


Baseline for incident reporting

  • 4 different computers are infected with malware you found in lab 3

(you can freely choose which computers are infected with witch malware.)

  • computers are located in different network segments
  • Company uses 2 different antivirus products McAfee and Kaspersky (bought with computers)
  • Company network layout
  • Network consist of clients with OS windows XP SP3, windows 8, windows 7.


Timeline

  • 6.oct.2014 17:00 User Juhan Karu notices that his computer with win xp behaves in unusual way before shutting it down.
  • 7.oct.2014 15:30 User Malle Maasikas mentioned that antivirus warned her about a website she visited with a Win 7 machine.
  • Describe the following timeline (Use your imagination)