Flashcards in SECOPS 9 Deck (8)
When did events occur?
IP/Domain associated with malware.
Where did the infection come from?
Location of the attacker
What type of malware is on the system?
Use a sandbox to find out the type of malware.
Why? What does it do and what is its purpose?
Sandbox to see what it's doing and find its intent.
How did the malware get on the system?
Email, Scareware, etc.
Threat investigation process (5)