Web Server Compromise
You are an employee in the Georgia Tech SOC, you receive a report from a system adminstrator that one of their websites is acting "funny." The website is running Wordpress and is accessible from the world. You have access to the access logs for the site as well as the directory that the website lives under. Both of these are attached to the assignment below.
Georgia Tech's IP ranges are:
You will use the logs and site directory to figure out what happened and when. You should turn in two documents. The first will be answers to 8 questions found in the "Questions" section below. The second will be an incident report.
We will be teaching using Splunk, but if you are more comfortable using Elastic (ELK) or some other log searching mechanism you are free to do so. The raw logs are attached to this assignment below. While you can definitely succeed at this assignment using plain old grep, I would recommend you don't. While grep will work due to the small size of the log files being provided, grep fails to perform when you are in an actual Enterprise with massive amounts of data. To access Splunk:
The data for this assignment is in the "main" index. You can see all of the data by searching for "index=main" and changing the time dialog from "Last 24 hours" to "All time." Splunk already has the fields extracted from the logs for you.
Using the logs, answer the following questions. Please include the Splunk (or Elastic) queries you used to find each answer. This will allow us to understand your thought process if you come to a different answer or interpret the question in a different way.
Write an incident report based on this assignment. Use the provided template from additional resources. The audience for this report will be your executive leadership and the affected business unit leadership.
As discussed in the report writing lecture, make sure to include (these are all sections in the template):
Earn back money you have spent on downloaded sample
To export a reference to this article please select a referencing stye below.
Assignment Hippo (2021) . Retrive from http://www.assignmenthippo.com/sample-assignment/web-server-compromise
"." Assignment Hippo ,2021, http://www.assignmenthippo.com/sample-assignment/web-server-compromise
Assignment Hippo (2021) . Available from: http://www.assignmenthippo.com/sample-assignment/web-server-compromise
Assignment Hippo . ''(Assignment Hippo,2021) http://www.assignmenthippo.com/sample-assignment/web-server-compromise accessed 10/04/2021.
Want to order fresh copy of the Sample Template Answers? online or do you need the old solutions for Sample Template, contact our customer support or talk to us to get the answers of it.
Our motto is deliver assignment on Time. Our Expert writers deliver quality assignments to the students.
Get reliable and unique assignments by using our 100% plagiarism-free.
Get connected 24*7 with our Live Chat support executives to receive instant solutions for your assignment.
Get Help with all the subjects like: Programming, Accounting, Finance, Engineering, Law and Marketing.
Get premium service at a pocket-friendly rate at AssignmentHippo
I was struggling so hard to complete my marketing assignment on brand development when I decided to finally reach to the experts of this portal. They certainly deliver perfect consistency and the desired format. The content prepared by the experts of this platform was simply amazing. I definitely owe my grades to them.