{"id":35388,"date":"2024-01-12T17:21:07","date_gmt":"2024-01-12T17:21:07","guid":{"rendered":"https:\/\/www.goodacademic.com\/blog\/questions\/5-2-discussion-mindset-incident-response-procedures-forensics-and-forensic-analysis\/"},"modified":"2024-01-12T17:21:07","modified_gmt":"2024-01-12T17:21:07","slug":"5-2-discussion-mindset-incident-response-procedures-forensics-and-forensic-analysis","status":"publish","type":"questions","link":"https:\/\/www.goodacademic.com\/blog\/questions\/5-2-discussion-mindset-incident-response-procedures-forensics-and-forensic-analysis\/","title":{"rendered":"5-2 Discussion: Mindset: Incident Response Procedures, Forensics, and Forensic Analysis"},"content":{"rendered":"<p>In the lab activity for this discussion, you assumed different roles. After logging into the lab environment, you proceeded to &#8220;Launching an Attack&#8221; as a hacker. Once you completed that portion of the lab, you assumed the role of a defender and began the &#8220;Collecting Incident Response Data&#8221; portion of the lab. You then completed the lab as a defender by collecting log data and analyzing it. For this discussion, let&#8217;s add to the scenario as follows:<\/p>\n<p>As part of your system audit, you realize that you have identified a successful remote login from a suspicious IP address located in North Korea. This is a suspicious address because your organization has no ties to North Korea, and no personnel are over there for vacation or business-related travel.<\/p>\n<p>In your initial post, discuss what next steps you should take as a defender.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In the lab activity for this discussion, you assumed different roles. After logging into the lab environment, you proceeded to &#8220;Launching an Attack&#8221; as a hacker. 
Once you completed that portion of the lab, you assumed the role of a defender and began the &#8220;Collecting Incident Response Data&#8221; portion of the lab. You then [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"closed","template":"","meta":[],"disciplines":[211],"paper_types":[],"tagged":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/questions\/35388"}],"collection":[{"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/questions"}],"about":[{"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/types\/questions"}],"author":[{"embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/comments?post=35388"}],"version-history":[{"count":0,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/questions\/35388\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/media?parent=35388"}],"wp:term":[{"taxonomy":"disciplines","embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/disciplines?post=35388"},{"taxonomy":"paper_types","embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/paper_types?post=35388"},{"taxonomy":"tagged","embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/tagged?post=35388"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}