The following are the deliverables for this project:
- Malicious Network Activity Report: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
- Joint Network Defense Bulletin: A one- to two-page double-spaced document.
Introduction to Packet Capture and Intrusion Detection Prevention Systems
You are a network analyst on the fly-away team for the FBI’s cybersecurity sector engagement division. You’ve been deployed several times to financial institutions to examine their networks after cyberattacks, ranging from intrusions and data exfiltration to distributed denial of services to their network supporting customer transaction websites. A representative from the Financial Services Information Sharing and Analysis Center, FS-ISAC, met with your boss, the chief net defense liaison to the financial services sector, about recent reports of intrusions into the networks of banks and their consortium.
He’s provided some of the details of the reports in an email. “Millions of files were compromised, and financial officials want to know who entered the networks and what happened to the information. At the same time, the FS-ISAC has seen extensive distributed denial of service disrupting the bank’s networks, impacting the customer websites, and blocking millions of dollars of potential transactions,” his email reads.
You realize that the impact from these attacks could cause the downfall of many banks and ultimately create a strain on the US economy. In the email, your chief asks you to travel to one of the banks and using your suite of network monitoring and intrusion detection tools, produce two documents—a report to the FBI and FS-ISAC that contains the information you observed on the network and a joint network defense bulletin to all the banks in the FS-ISAC consortium, recommending prevention methods and remediation against the types of malicious traffic activity that they may face or are facing.
Complete Malicious Network Activity Report
The following is a suggested outline:
- Introduction: Describe the banking institution and the issue you will be examining.
- Overview of the Network Architecture
- Network Attacks
- Network Traffic Analysis and Results
- Other Detection Tools and Techniques
- Recommended Remediation Strategies
Create the Joint Network Defense Bulletin
In this step, you will create the Joint Network Defense Bulletin. Compile the information you have gathered, taking care to eliminate any sensitive bank-specific information. The Joint Network Defense Bulletin is an educational document for the financial services consortium. This bulletin should be addressed to the FBI chief and the FS-ISAC representative.