This assessment consists of two labs that you must complete, and a strategy report for senior executive leadership in your organization. Be sure you read the instructions for the entire assessment carefully to make sure you address all requirements fully.Explain the concepts and procedures associated with investigating and responding to security incidents and prevention strategies by addressing the following:
Explain the steps you should take at the first indication of compromise.
Describe the six-step incident handling process recommended by the SANS Institute.
Compare identification and containment during the incident response process.
Explain the relevance of the post-mortem step during incident response.
Compare IDS and IPS.
Explain the significance of obtaining a baseline of network traffic.
Describe some methods to mitigate reconnaissance attacks.
Now apply what you learned in the lab to the following scenario.Scenario