Please identify a process that is utilized within a SOC environment, and please explain why you feel that it is the most one?
Week 08: Question
By Deval Shah
Incident Response and Intrusion Management have a lot to do with information. As far as cyber security is concerned, it's about LOGS.
What strategy would you utilize in terms of logs: log everything, selectively log, or something else? Please provide your views on this important topic!
Notification on date change
By Deval Shah
Term Paper: Changed from 7/10 -> 7/17
Quiz 2 – Change from 7/17 -> 7/23
Short Paper 3 will change from 7/23 -> 7/30
Presentation will remain.
Week 6: Question
By Deval Shah
Modern-day networks are no longer static; they are continuously morphing with a mobile workforce and the presence of data everywhere. How can organizations monitor the environment for the onslaught of threats and endless attack vectors? Provide some comments and insights on where you would start with your IDS implementation strategy.
Week 4: Question
By Deval Shah
When it comes to IDS, there are various things to consider: Host IDS (HIDS) vs. Network IDS (NIDS). There is also Signature-Based vs. Anomaly-Based. And finally IDS vs. IPS. How does one figure out what to use and when? Provide your views on the various IDS techniques and what is the best approach to working through them.
Week 3: Question
By Deval Shah
Since packet capture is an integral part of an Intrusion Management strategy, the question remains: what factors influence an organization's packet capture strategy? Please provide some insight into some of these factors and why they are or are not relevant.
Week 03: No class on Monday
By Deval Shah
Target to Pay $18.5 Million to 47 States in Security Breach Settlement
By Josh Zenker
Yesterday’s article in the NY Times is an example of why it’s important to have legal expertise on your IRT. A settlement can be extremely costly, and you want to do everything you can to mitigate that cost from the first moment an incident is reported.
Week 2: Question
By Deval Shah
What are the similarities and differences among the following groups (Help Desk, SOC, CERT, CIRT, etc.) within an enterprise?
Week 1: Question – Ransomware on the global scale?
By Deval Shah
The past week we saw an intensive ransomware attack on the global scale. Assume your organization was a victim of such an attack. Would you pay the ransom? Why or why not?