Reference no: EM133438054
Scenario: Peer-to-Peer File Sharing
The organization prohibits the use of peer-to-peer file sharing services. The organization's network intrusion detection sensors have signatures enabled that can detect the usage of several popular peer-to-peer file sharing services. On a Monday evening, an intrusion detection analyst notices that several file sharing alerts have occurred during the past three hours, all involving the same internal IP address.
1. What factors should be used to prioritize the handling of this incident (e.g., the apparent content of the files that are being shared)?
2. What privacy considerations may impact the handling of this incident?
3. How would the handling of this incident differ if the computer performing peer-to-peer file sharing also contains sensitive personally identifiable information?
Once you sign up for a scenario number:
1. Carefully read the scenario and the 4 questions listed below, and reflect on these 4 questions by relating them to your specific scenario.
Question 2 - Detection and Analysis: What does the incident response team look at during the initial analysis of a validated incident?
Question 3 - Containment, Eradication, and Recovery: What should be done to contain the incident? Why?
Question 4 - Post-Incident Activity: Who should be invited to attend the lessons learned meeting regarding this incident? And when should the lessons learned meeting be held?