You have been hired as a cybersecurity consultant for a company that has recently been breached in a crypto malware attack. According to file server logs, a large number of files on the network have been modified (encrypted). The company is looking for your guidance on the requirements below. Please provide a solution (in your own words) and your reasoning.

a/ How to determine which files have been encrypted by the crypto-malware attack? The company would like to know the most efficient way as there are over 100,000 files potentially impacted.

b/ What kind of policies and/or training would you suggest as a precautionary measure?

c/ The company had some backups in alternate servers, but no consistent backup and recovery plan. The organization has agreed to have an RPO of 1 hour and an RTO of 4 hours. Please suggest the most appropriate backup strategy (full, differential, or incremental) to meet the requirement.

d/ The company would like your help with their disaster recovery plan. Which recovery site (hot, warm, or cold) would you recommend to meet the organization’s requirement of RPO = 1 hour and RTO = 4 hours? And why?