You have been hired as a cybersecurity consultant for a company that has recently been breached in a crypto malware attack. According to file server logs, a large number of files on the network have been modified (encrypted). The company is looking for your guidance on the requirements below. Please provide a solution (in your own words) and your reasoning.
a/ How to determine which files have been encrypted by the crypto-malware attack? The company would like to know the most efficient way as there are over 100,000 files potentially impacted.
b/ What kind of policies and/or training would you suggest as a precautionary measure?
c/ The company had some backups in alternate servers, but no consistent backup and recovery plan. The organization has agreed to have an RPO of 1 hour and an RTO of 4 hours. Please suggest the most appropriate backup strategy (full, differential, or incremental) to meet the requirement.
d/ The company would like your help with their disaster recovery plan. Which recovery site (hot, warm, or cold) would you recommend to meet the organization’s requirement of RPO = 1 hour and RTO = 4 hours? And why?
That’s my second question:
You have been hired as a cybersecurity consultant for a company that wants to improve their security posture. The company is looking for your guidance on the requirements below. Please provide a solution (in your own words) and your reasoning.
a/ The ability to organize and apply security patches and policies to business units (IT, HR, and Finance).
b/ Properly destroy data on decommissioned hard drives and solid-state drives (over 1,000 drives).
c/ The ability to monitor system logs at scale [for over 2,000 machines] running Windows 11, Ubuntu Linux, Red Hat Linux, and Fedora Linux.
d/ The ability to configure, secure, and manage mobile devices given to senior executives.
e/ The ability to provide authorized users all over the United States with remote access to secure private network resources.