Vulnerability scanning
• This document should focus on any global cyber hack/incident that was well publicized, took place between 2019 and the present, and was based on vulnerability scanning.
Assume the role of a SOC analyst in the data center at an organization of your choosing. Currently, the status is “all systems go” and “green light” throughout the network. Then, suddenly, you get an alert of some sort indicating that a vulnerability scan is taking place (choose which type).
Considering this, please respond to the following questions:
• What is the alert that is coming in and from what device(s), tool(s), or software? What is it indicating?
• What actions should be taken and what tools will be used to determine if the alert is real or a false alarm?
• What tool(s) are used in this process?
• What framework(s) are used in this process?
• What data are you collecting during your initial stages, where are you recording it, and why?