Rosie September 14
This thread hosts the “War Room” for the Incident Response Exercise that is part of your final project for this course.
This week your focus should be on figuring out what the Red Team did and how they did it. (See the “Overview of the Incident” section in CSIA 310 Final Project – Incident Response Exercise.docx — the detailed assignment description for the course final project.)
For your first posting this week, you must provide an analysis of the Red Team’s report (as listed in the final project). At a minimum you must identify and discuss three specific vulnerabilities that were exploited by the Red Team as part of its penetration testing. You will need to research similar types of attacks using Red Team or Ethical Hacking resources from the Internet.
For your critiques this week, you should review and critique the analyses provided by two of your peers. You may find the course readings about Red Teams and Blue Teams to be helpful in finding examples and suggestions for improvement.
Follow-up postings this week are especially important as they show your contributions to the Blue Team’s efforts for incident investigation and response.
You can and should use information from the messages posted here as part of the incident response report which you will submit as your final project for this course.