Eve’s is an incident handler in ABC organization. One day, she got a complaint about email hacking incident from one of the employees of the organization. As a part of
incident handling and response process, she must follow many recovery steps in order to recover from incident impact to maintain business continuity.
What is the first step that she must do to secure employee account?
Sam. an employee of a multinational company, sends emails to third-party organizations with a spoofed email address of his organization. How can you categorize this type of incident?
Eric is an incident responder and is working on developing incident-handling plans and procedures. As part of this process, he is performing an analysis on the organizational network to generate a report and develop policies based on the acquired results. Which of the following tools will help him in analyzing his network and the related traffic?
Johnson an incident handler is working on a recent web application attack faced by the
organization. As part of this process, he performed data preprocessing in order to
analyzing and detecting the watering hole attack. He preprocessed the outbound
network traffic data collected from firewalls and proxy servers and started analyzing
the user activities within a certain time period to create time-ordered domain sequences
to perform further analysis on sequential patterns.
Identify the data-preprocessing step performed by Johnson.