Telstra Cybersecurity Virtual Experience Program by www.theforage.com
Task_1(T1): Responding to a malware attack
This task is to triage the current malware threat and figure out which infrastructure is affected.
First, find out which key infrastructure is currently under attack. Note the priority of the affected infrastructure to the company, as this determines which team to notify.
Next, draft an email to the respective team alerting them to the current attack so that they can begin an incident response. Make sure to include the timestamp of when the incident occurred. Keep it concise and contextual.
The purpose of this email is to ensure the respective team is aware of the ongoing incident and to be prepared for mitigation advice.
Task_2(T2): Analysing the attack
Draft an email to develop a firewall rule to mitigate the malware attack.
Task_3(T3): (Technical) Mitigate the malware attack
Use Python to develop a firewall rule to mitigate the attack. Develop this rule in firewall_server.py.
Task_4(T4): Incident Postmortem
Create an incident postmortem of the malware attack, covering the details you have picked up in the previous tasks.