Cyber Incident Response for Blue Moon Financial Term Paper

Cyber Incident Response for Blue Moon Financial - bourn Paper ExampleThe company has been faced with several challenges with respect to addressing the earnings intrusion trys and cyber security issues because it is ill equipped to deal with such issues. This paper discusses how I will deal with the active network intrusion attack in the company under various sub-topics.The first step to take in the reliable scenario are to identify the nature of attack. I am the only person who is qualified and well trained to deal with such issues. Therefore, before informing anyone else active it, I will first queue tabu the type of the attack targeted towards the company. This will be the first step towards stopping the attack because further steps cannot be initiated if the type of attack is not known well. Secondly, I will localize the source. This means that I have to use firewall and IDS logs to try to find out where the attack is coming from to be able to know whether the attack is co ming from a compromised host or from the outside world. This is overly essential in ensuring that the attack can be stopped as soon as possible (Sharma, et.al, 2015).After this, the next step that I will take entails blocking the attack. at one time it source and the nature of attack is clarified, I will take the necessary actions towards blocking it (Youssef, & Emam, 2011). These actions will include pulling the machines that have been attacked from the network, block the access to the network from that IP address if the attack is coming from outside. Depending on the type of the attack, I may have to use ISP if the attack is a DDoS attack. I will also backup the evidence of the attack by keeping the logs generated to ensure that I have a detailed account of the attack. I will also find other compromised machines and use appropriate tools to root out any other machines that have been attacked. The last aspect is to ensure that I do not