Packet Capture and Intrusion Detection/Prevention Systems.
In this project, you will use the monitoring technologies Wireshark and Snort in the Workspace virtual machine to compile a malicious network activity report for financial institutions and a bulletin to a financial services consortium. The report should be eight pages double-spaced with citations in SPA format. The bulletin should be one page double-spaced.
There are eight steps to complete the project. Most steps of this project should take no more than two hours to complete, and the project as a whole should take no more than two weeks to complete. Begin with the workplace scenario, and then continue to Step 1, “Create a Network Architecture Overview.”
When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
1.1: Organize document or presentation in a manner that promotes understanding and meets the requirements of the assignment.
1.2: Develop coherent paragraphs or points to be internally unified and function as part of the whole document or presentation.
1.3: Provide sufficient, correctly cited support that substantiates the writer’s ideas.
1.4: Tailor communications to the audience.
2.1: Identify and clearly explain the issue, question, or problem under consideration.
2.2: Locate and access sufficient information to investigate the issue or problem.
2.3: Evaluate the information in a logical manner to determine value and relevance.
2.4: Consider and analyze information in context to the issue or problem.
2.5: Develop well-reasoned ideas, conclusions, checking against relevant criteria.
5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
8.1: Demonstrate the abilities to detect, identify, and resolve host and network intrusion incidents.
8.2: Possess knowledge and skills to categorize, characterize, and prioritize an incident as well as to handle relevant digital evidence appropriately.
8.4: Possess knowledge of proper and effective communication in case of an incident or crisis.
8.5: Obtain knowledge and skills to conduct a postmortem analysis of an incident and provide sound recommendations for business continuity.
9.1: Knowledge of the Information Technology industry, its systems, platforms, tools, and technologies.