Injection with financial credit card data affected

Reference no: EM133243772

Activity : Respond to Incident involving Possible SQL Injection with Financial Credit Card Data Affected

Incident Case:

A DLP security appliance has alerted to an attempt to exfiltrate credit card data. Management would like to know if any customer credit card data was actually exfiltrated, and if so where to, amongst other questions.

You are provided a pcap of traffic related to the primary Card Data Environment (CDE) server, and also a memory dump of that server. The server runs several applications, including a Microsoft SQL Server instance used to house some customer information but not credit card numbers; however, there are other locations on the server which do contain credit card data.

Activity Tasks

Answer the following questions. You will need to use tools such as Wireshark, Zeek, and Volatility, and possibly some research. You might find it valuable to use some Volatility plugins, and you might need to be creative.

The suspected compromised server is 192.168.248.198.

1. Does there appear to be any SQL Injection attempts to this server?

2. Were any of the SQL Injection attempts successful?

3. Were there any users created?

4. Were there any executable files transferred? If so, list them.

5. Is there any evidence of any of these files being executed? Is this evidence in memory or in traffic, or both?

6. Are there any indications of any connections to or from the device which appears to have attempted the SQL Injection attacks? If so, what ports were involved (source and destination)?

7. Does the attacker appear to have used PowerShell at all?
   a. If the answer is yes, where did you find evidence of this?

8. What PowerShell commands did the attacker run, and what do those commands do?

9. What files, if any, did the attacker interact with using PowerShell? If the attacker interacted with any files, what do those files contain? See if there is a way to extract the files using Volatility.

10. Are you able to conclusively answer whether or not any credit card data was exfiltrated? If yes, explain how; if not, explain why you don't think it happened.

11. If you were able to discover any credit card data, explain to the best of your ability how it was exfiltrated if indeed it was exfiltrated.
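As an added worked example (not part of the assignment materials), the script below shows how tasks 1, 4 and 6 can be started from a Zeek http.log: it parses the tab-separated log, flags requests to the server whose decoded URI carries SQL injection indicators, lists transferred files with executable extensions, and enumerates every flow (with both ports) touching a suspected attacker. The log content is constructed and cut down to a subset of the real http.log columns; the attacker address 10.0.0.5 and the URIs are assumed for illustration, and only the server IP comes from the task.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

SERVER = "192.168.248.198"  # suspected compromised CDE server (from the task)

# Constructed sample: a cut-down Zeek http.log (real logs carry many more
# columns). Attacker IP 10.0.0.5 and the URIs are made up for illustration.
SAMPLE_HTTP_LOG = """\
#fields\tts\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tmethod\turi\tstatus_code\tresp_filenames
1.0\t10.0.0.5\t51000\t192.168.248.198\t80\tGET\t/products.asp?id=5\t200\t-
2.0\t10.0.0.5\t51002\t192.168.248.198\t80\tGET\t/products.asp?id=5'\t500\t-
3.0\t10.0.0.5\t51004\t192.168.248.198\t80\tGET\t/products.asp?id=5'%20OR%201=1--\t200\t-
4.0\t10.0.0.9\t40000\t192.168.248.198\t80\tGET\t/index.html\t200\t-
5.0\t192.168.248.198\t49300\t10.0.0.5\t8080\tGET\t/update.exe\t200\tupdate.exe
"""

# Injection indicators in the decoded URI: quote + OR/AND + comparison, UNION ... SELECT,
# a trailing comment or ';', or a bare quote (a 500 on that request is a classic probe sign).
SQLI_PATTERNS = [
    re.compile(r"'\s*(or|and)\s+[\w']+\s*=", re.I),
    re.compile(r"\bunion\b.+\bselect\b", re.I),
    re.compile(r"(--|/\*|;)\s*$"),
    re.compile(r"'"),
]
EXEC_EXT = re.compile(r"\.(exe|dll|ps1|bat|vbs|msi)$", re.I)

def parse_zeek_log(text):
    """Parse a Zeek-style TSV log with a #fields header into a list of dicts."""
    fields, rows = [], []
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#"):
            rows.append(dict(zip(fields, line.split("\t"))))
    return rows

def triage(rows):
    """Tasks 1, 4 and 6: SQLi attempts, executables transferred, attacker flows."""
    sqli = [r for r in rows if r["id.resp_h"] == SERVER
            and any(p.search(unquote_plus(r["uri"])) for p in SQLI_PATTERNS)]
    attackers = Counter(r["id.orig_h"] for r in sqli)
    executables = [(r["id.orig_h"], r["id.resp_h"], r["uri"]) for r in rows
                   if EXEC_EXT.search(r["uri"]) or EXEC_EXT.search(r["resp_filenames"])]
    # Every flow touching a suspected attacker, with source and destination ports (task 6).
    flows = sorted({(r["id.orig_h"], r["id.orig_p"], r["id.resp_h"], r["id.resp_p"])
                    for r in rows if r["id.orig_h"] in attackers or r["id.resp_h"] in attackers})
    return {"sqli": sqli, "attackers": attackers, "executables": executables, "flows": flows}
```

Whether an attempt succeeded (task 2) cannot be read from the request alone; compare response sizes and content against the baseline requests and corroborate with the memory dump.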
