Project

Suppose you are a cybersecurity professional at a large enterprise organization dealing with a new worm outbreak. The worm spreads through removable media and infects hosts, installing a DDoS agent. The organization had already suffered widespread infections before antivirus signatures became available. You must devise strategies to identify and contain the worm and protect sensitive data.

1. Identify the methods the incident response team could use to find all infected hosts and discuss how the organization could have attempted to prevent the worm from entering the organization before antivirus signatures were released.
2. Explain the steps the organization could take to prevent the worm from spreading further via infected hosts before antivirus signatures are released. Discuss how the handling of this incident would change if hosts infected with the DDoS agent had been configured to attack another organization's website the next morning.
3. Analyze how the handling of this incident would change if one or more of the infected hosts contained sensitive, personally identifiable information regarding the organization's employees. What additional precautions and actions would be necessary to protect this sensitive data?
4. Describe the measures the incident response team would need to perform for hosts not currently connected to the network to ensure they are not infected or do not spread the worm upon reconnection.
5. Collect the notes you have written and create a PowerPoint presentation showing the scenario analysis and the DFIR response.


Wrap up

Now you have learned to:

> Recognize the vulnerabilities of hardware, operating and software systems.
> Describe techniques for secure system design.
> Protect a Windows system with various security techniques.
> Outline the relationship between network structures, web technologies and cybersecurity systems.
> Identify how to secure network systems through protocols and best practices.
> Analyze the data flow through a network with Wireshark.
> Activate the Windows VPN service.
> Analyze how DFIR is used to respond to and defend against sophisticated cyberattacks.
> Evaluate the web activity of a browser with DB Browser for SQLite.

KEY TERMS

Address Resolution Protocol (ARP)
Digital Forensics (DF)
Firewalls
Secure Programming
Computer Security Incident Response Teams (CSIRTs)
Defense in Depth
Incident Response (IR)
Security by Design
Virtual Private Networks (VPNs)
Demilitarized Zones (DMZs)
Intrusion Detection Systems (IDSs)
Packet Analyzers
Passkeys
Zero Trust Security
