phishing email

A user clicked on a phishing email and entered their credentials into the site. The site appeared to be a Microsoft website. The user did not say anything to the IT department for about a week and has noticed the workstation being sluggish. Several other employees have reported the same slowness on their workstations. Networking has seen an excessive number of attacks through the state network from IP address 10.0.51.128/25 and 172.128.128.0/26 in the last week utilizing their SIEM. What are the steps you would take to remediate the risk? After remediation steps, it is a requirement to submit an incident response report. Please draft a sample of this incident report.

Get Your Custom Essay Written From Scratch
Are You Overwhelmed With Writing Assignments?
Give yourself a break and turn to our top writers. They’ll follow all the requirements to compose a premium-quality piece for you.
Order Now