Part A –
You have found that you have 10 systems in your network that are infected with malware and are members of a botnet. One of the systems is a webserver, the other 9 are desktop systems used by different individuals and departments.
- Utilizing your Incident Response Plan , detail how you will deal with each system.
- What preventive measures will you take in the future.
Part B –
As a team determine the appropriate nmap scans to complete the following:
- scan for the presence of hosts/devices on a network segment (i.e. x.x.x.x/24)
- port scan for all devices on a network segment (i.e. x.x.x.x/24)
- scan for device OS and software versions running on all ports on a network segment (i.e. x.x.x.x/24)