AsianAirlines-A6.7z

1. Provide a high-level statement on the security posture of the airline based on the evidence.
2. Evidence Handling (Chain of Custody)
3. If there are .pcap files, detail how you filtered traffic (e.g., using Wireshark) to identify suspicious IPs or protocols.
4. Detailed Findings
   How did the attacker get in? (e.g., a suspicious email attachment found in a user's PST file).
   List specific file paths, registry keys, or timestamps that prove the activity.
5. Recommendations
   Steps to stop an active threat (e.g., "Reset credentials for the admin account found in the logs").
   Long-term fixes (e.g., "Implement Multi-Factor Authentication (MFA)" or "Update firewall rules to block the malicious IPs identified").
6. Appendices
   Include screenshots of the evidence.
   Attach a full timeline of events.

Knowing if it's for a Business Case Study or a Technical Forensics Lab will help me provide more specific analysis points.