Phishing
Analyze
Malicious?
Get IOC
Delete email
Forensics
Password change
Rebuild if necessary
Mandatory training
Lessons learned

Malware
Isolate
Hash and analyze
Find POI
Close gaps
Add IOCs to endpoint protection
Preserve artifacts…
Restore impacted systems (backup, snapshot)
Remediate vulnerabilities
Reset passwords
Continue to monitor