ISOL534 Cumberlands Microsoft Windows OS security incidents Paper

ISOL534 Cumberlands Microsoft Windows OS security incidents Paper

1)Write 400–600 words that respond to the following questions:

• Describe Microsoft Windows OS security incidents.
• How to handle security incidents involving Microsoft Windows operating system OS and application?
• How to handle incident response?
• How to investigate Microsoft Windows and applications incidents?
• What is the best practice are for handling Microsoft Windows OS and applications incidents and investigations?

Please note:

• Be in APA format including your references.
• Be 400–600 words long (not including title and references).
• Do not re-state the questions.
• Include two sources (i.e. two references).

2)Note: please do not forget to number your answers.

Note: The acceptable safe assign percentage should be 24% and below.

1. How many failed logons were detected?
2. What was the date/time shown at the top of the IIS log file you captured at the end of Part 2 of the lab?
3. What options are available to prevent brute force authentication attacks in a Windows-based domain?
4. What is an insider attack?
5. If the attacks for this lab were coming from an internal IP, would you allow the attack to continue to investigate further or stop the attack?
6. With the information provided in this lab, what steps would you take to prevent a reoccurrence of an external attack?
7. What is a best practice to deter insiders from even thinking about executing an attack?