Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Security Blue - Phishing Analysis > Phishing Response Brief > Flashcards

Phishing Response Brief Flashcards

1
Q
A

Next up we have a lab that incorporates all of the knowledge and skills you have learned throughout the Phishing Analysis domain. You will be analyzing a number of emails, conducting two malicious email investigations, and writing a report for each. You will answer a number of questions about the artifacts retrieved. This activity is crucial practice for the BTL1 exam, so take your time and put the effort in – it will pay off later!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Challenge Brief

A

You have recently joined the security team at ABC Industries as a Junior SOC analyst within their security operations center (SOC). You are responsible for monitoring the SIEM platform, investigating and responding to security events, and protecting the organization from phishing attacks. You have just begun your shift, and in a new effort to proactively identify phishing emails that have made it past perimeter defenses, you have been given a number of emails that have randomly been copied from employee mailboxes. It is your job to analyze the downloaded emails, identify if any are malicious, and conduct investigations and write reports for any that are deemed to pose a risk to the organization. Reports should include a list of artifacts, analysis activities and results, and suggested defensive measures which will be reviewed by senior analysts.

A fellow analyst has already taken a look at the selection of emails and identified TWO malicious emails out of the sample of 5.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Hints and Advice

A

Set aside time to complete this activity. Having no distractions will allow you to work more effectively.
Ensure that you are comfortable with all of the content in this domain before starting, specifically; retrieving email, web, and file-based artifacts, performing analysis, and suggesting appropriate defensive measures.
Once you have identified the two malicious emails, follow the Report Writing lessons to write two reports that feature all of the sections we’ve covered.
If an email is not malicious, you are not required to write a report for it.
Answer the questions in the lab to pass!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Security Blue - Phishing Analysis (62 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions