Incident Response With ArcSight
SCENARIO INFORMATION
DESCRIPTION:
This scenario contains a number of missions that challenge and assess the delegates’ skills in security event detection and security incident response.
“XCallCenter” is a company working in the communication sector; its services and activities are heavily dependent on its IT infrastructure.
During this scenario, and through the different missions, delegates will detect security events and respond to a security incident.
OBJECTIVES AND OUTCOME:
After completing this scenario you will be able to:
– Detect indicators of compromise (IOC),
– Identify and detect suspicious authentications,
– Detect attacks on web applications,
– Detect attacks on system services,
– Report and respond to a security incident,
– Detect persistence tools.
PRE-REQUISITES:
There are no pre-requisites for this scenario.
RECOMMENDED READING:
There are no recommended reading resources.
AUTHOR:
This scenario was created by Lawrence Muchilwa.