Following the conclusion of the investigation, a working group will be formed. The purpose of the working group is to give the various company departments input in determining preventative measures. Preventing these incidents in the future requires that a security-conscious environment be created. Creating this environment requires the efforts of those outside of the security office to fully implement. While this working group will initially focus on employee misconduct, it will, if possible, turn to other security issues where employee behavior plays a large role. The combination of resources between cooperating departments should ensure maximum reach of security education programs.
Incident Report

VII. Wireless Traffic Analysis

After the incident, the security department conducted wireless traffic analysis to ascertain any other attempted exploitations. The segment of traffic studied contained 77,646 individual packets. The bulk of the traffic was between IP addresses 10.0.250.161 and 10.0.250.200.
List all of the IP addresses found within this packet capture.

However, evaluating just this segment of traffic from the reported incident gives indications, in several packets, of an attempt to gain illicit access to the company’s networks. The attempt was thwarted due to the detection of the incident, but it highlights the need to properly invest in cyber security assets. This includes those assets recommended by this paper.
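One way to produce the address list and the dominant host pair described above, as an added example that is not part of the original report. It assumes the capture was saved as a classic little-endian pcap with Ethernet framing (a radiotap or raw 802.11 capture would need its link-layer header handled first); the sample capture and the address 10.0.250.17 in it are constructed.

```python
import struct
from collections import Counter

def build_sample_pcap(flows):
    """Constructed sample: classic pcap with one Ethernet/IPv4 frame per (src, dst)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for src, dst in flows:
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                         bytes(map(int, src.split("."))),
                         bytes(map(int, dst.split("."))))
        frame = b"\x00" * 12 + b"\x08\x00" + ip  # zeroed MACs, EtherType IPv4
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

def summarize_pcap(data):
    """Return (packet_count, sorted unique IPv4 addresses, Counter of host pairs)."""
    magic, _, _, _, _, _, linktype = struct.unpack_from("<IHHiIII", data, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian classic pcap with Ethernet framing")
    offset, packets, addrs, pairs = 24, 0, set(), Counter()
    while offset + 16 <= len(data):
        _, _, incl_len, _ = struct.unpack_from("<IIII", data, offset)
        frame = data[offset + 16: offset + 16 + incl_len]
        offset += 16 + incl_len
        packets += 1
        # Count every packet, but only read addresses from complete IPv4 frames.
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
            continue
        src = ".".join(map(str, frame[26:30]))
        dst = ".".join(map(str, frame[30:34]))
        addrs.update((src, dst))
        pairs[tuple(sorted((src, dst)))] += 1  # direction-independent conversation
    ordered = sorted(addrs, key=lambda a: tuple(map(int, a.split("."))))
    return packets, ordered, pairs

# Constructed flows: most traffic between the two hosts named in the report.
SAMPLE_FLOWS = ([("10.0.250.161", "10.0.250.200")] * 3
                + [("10.0.250.200", "10.0.250.161")] * 2
                + [("10.0.250.17", "10.0.250.200")])

if __name__ == "__main__":
    count, addresses, conversations = summarize_pcap(build_sample_pcap(SAMPLE_FLOWS))
    print(count, "packets;", "addresses:", ", ".join(addresses))
    for (a, b), n in conversations.most_common():
        print(f"{a} <-> {b}: {n} packets")
```

Hosts that appear in only a handful of packets, next to a pair that accounts for the bulk of the traffic, are the ones to review first.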