ipl-logo

Analyst Intern To The Cybersecurity Operations Division Of Old National Bank

1109 Words5 Pages

As a Security Operations Center (SOC) Analyst intern to the Cybersecurity Operations Division of Old National Bank, I became aware of the many different cyber threats that affect Old National Bank’s cyberinfrastructure. Information espionage is one of the most common types of threat. Using a network of computers for handling a large amount of data creates vulnerabilities to the computers, and the information. Networking impacts the computer security goals important to Old National Bank such as client confidentiality, information integrity, and network availability. Security breaches are inevitable, and it is imperative to have a system of protection that can provide a quick plan of action. Old National Bank uses a software tool called LogRhythm …show more content…

I would be alerted by LogRhythm SIEM alarms indicating that conditions were triggered within the alarm tool signifying an anomaly in the network that could potentially be a cyberattack. During the time I was an intern, none of the alarms signaled a true, advanced, and persistent cyber threat. I received around 60-100 alarms per day. During my internship, I spent most of my time working on addressing all of the alarms. About a third of those alarms were just informational, such as when the LogRhythm SIEM monitoring system would malfunction. The great majority of false positives were created by errors in the systems that were working in tandem. A second group of false positives occurred when someone forgot their password, and tried different combinations to access their account. A third group of false positives occurred when LogRhythm SIEM misinterpreted an update as a lateral movement account sweep, because a lot of accounts being accessed at once for the update. The last few false positives were unique events requiring further …show more content…

To create this Alarm Rule, I first logged onto LogRhythm SIEM, and clicked on the Deployment Manager icon. Then, I clicked on the AI Engine tab, before right clicking the drop-down menu, and selecting “Create New”. I then dragged a box icon, which represented the condition of the LogRhythm software’s AIE rule, to the center of the screen. I doubled clicked on the box to bring up the information needed to specify the condition of the LogRhythm software’s AIE rule. I then created the conditions needed to make a new LogRhythm software’s AIE alarm rule function. The conditions included that: 1) the origin, or impacted host, was the I-Series Servers, 2) the connection used FTP, and 3) the connection was established to or from I-Series Servers. This new rule worked well. As part of my project, this new alarm rule ran for three weeks as a testing period. Every time LogRhythm software’s AIE detected the criteria for the new alarm rule, which was an established FTP connection, it would create an alarm which I accessed through LogRhythm’s Web Client so I could note the IP address of the entity that interacted with the I-Series Servers. At the end of the three weeks, I gave the IP address list to the I-Series technician. He then returned two separate IP lists to me. One IP list was addresses

Show More
Related

Nt1310 Unit 5 Essay

491 Words | 2 Pages

Review question #9: Footprinting is the organized research of the Internet addresses owned or controlled by a target organization. The attacker uses public

Read More

Nt1330 Unit 3 Lab 1

1626 Words | 7 Pages

In the context of this lab, all devices are accessible via SSH over the internal, so I have implemented necessary monitoring using Nagios.

Read More

Nt1310 Unit 1

410 Words | 2 Pages

Misuse detection is used to identify previously known attacks for which they require before hand knowledge of attack signature. the disadvantage of this method is that prior knowledge of the attack is required and hence new attacks cannot be identified until new attacks signature have been developed for them. In anomaly detection system monitors activity to detect any significant deviation from normal user behavior compared to known user standard behavior, this type of intrusion detection can effectively protect against both well known and new attacks since no prior knowledge about intrusion is required. One of the most significant aspects of Intrusion Detection System is the use of Artificial Intelligence techniques[39] to train the IDS about possible threats and gather information about the various traffic patterns to infer rules based on these patterns to distinguish between to differentiate between normal and intrusive

Read More

Nt1310 Unit 1 Paper

512 Words | 3 Pages

Section 7 shows the limitations of the paper. At long last, Section 8 closes the paper and in addition depicting its impediments. 2. Related work Many types of survey and review researches have been done in the field of intrusion detection on the network, wireless sensor networks (WSN), cloud computing, and other areas.

Read More

Acct 391 Unit 1 Business Security And The Future

1670 Words | 7 Pages

Marques Underwood INSS 391 Security and the Future With the transition of companies leaning towards advancing through the usage of big data, cybersecurity and the trends in technology are creating an increase in threats. The goal is to protect the databases and devices used at these companies before they are hacked and compromised for unwanted reasons. We’ll see the general concerns with security in the IT field, and steps that specific companies are taking to prevent and adopt to the landscape of the future in security. Devices are increasing at a rapid pace these days, meaning the more data is being expanding.

Read More

Perimeter Breach Case Study

753 Words | 4 Pages

Perimeter Breach at the Bug out Location: Now What It May Not Be What You Think It could be a security breach at any location you are defending, not just a bug-out-location. Inside the wire, which means someone or some group has penetrated beyond any physical barriers established or someone has activated an alarm system, or Listening or Observational Posts (LP-OP) you have established have sounded the alarm. They are close, and they are moving closer.

Read More

The Pros And Cons Of Return The United States

461 Words | 2 Pages

While Conservatives are those who abhor change, and want to return the United States to a time that they feel is ideal. This time seems to be debated, with many believing that the 1950’s was the ideal time that society should be returning to. While others believe, it is the 1980’s during the Reagan Era that was the ideal time for the American people. Liberals on the other hand, do not want to return the country back to a “better time”. They want the country to progress and change in a positive manner that includes the protection of rights and freedoms of everyone living within the United States.

Read More

Boston Fire Essay

923 Words | 4 Pages

They stared at the blaze for the first twenty crucial minutes before sounding an alarm. Two fire engines came by and instantly gave the second and third alarms which alerted the neighboring fire companies. By quarter to eight, all fire companies had been alerted. All fire

Read More

2014 Quadrennial Homeland Security Review Paper

1504 Words | 7 Pages

That is why the Federal Government has taken an important step by creating many online portals that facilitate the exchange of information between all partners that make up the Homeland Security Enterprise (HSE) (Joint Program Office, n.d.). Some of the online portals created by the Federal Government include, but are not limited to, the Technical Resource for Incident Prevention (Tripwire), Law Enforcement Online (LEO), Bomb and Arson Tracking System (BATS), and the National Counterterrorism Center (NCTC) Current, among others (Joint Program Office,

Read More

VA Information Security Essay

1572 Words | 7 Pages

Introduction “VA’s mission is to promote the health, welfare, and dignity of all veterans in recognition of their service to the nation by ensuring that they receive medical care, benefits, social support, and memorials.” (Information Security: Veterans Affairs Needs to Resolve Long-Standing Weaknesses, 2010, p.1) The VA information system security program (ISSP) aims to protect the confidentiality, integrity and availability (CIA) of the VA’s information systems and business process. This program provides information of plans, policies and procedures to protect the VA’s system user’s privacy data. Also according to the Department of Veterans Affairs: Information Security Program (2007) this program provides a detailed list of the security

Read More

W. E. B. Dubois Research Paper

139 Words | 1 Pages

The purpose of this research paper is to inform readers on how William Edward Burghardt Du Bois, also known as W.E.B. Du Bois, impacted higher education. The beginning of the paper informs readers on the biography of Du Bois life and experience living in a time of race segregation. The next section are historical and philosophical issues that Du Bois encountered in hopes to bring equality for all interracial citizens in the United States. Thirdly, the report discuss a Supreme Court case that helped launched the ending of segregation in public schools. Lastly, the end of the report discuss one of our current educational trends that seem to relate to Du Bois double consciousness concept.

Read More

Nt1330 Unit 3 Project Management Plan

691 Words | 3 Pages

It continuously monitors configurations for drift, vulnerabilities and risk-inducing changes, and provides a suite of workflows to simplify change reconciliation, incident investigation, and daily management. (Open Source Roots to Secure Enterprise Security,

Read More

Department Of Homeland Security Essay

520 Words | 3 Pages

The Department of Homeland Security (DHS) was founded in 2002 in response to the terrorist attacks on the World Trade Center and the Pentagon to prevent any future threat of terrorism that even slightly presented danger to American soil. Congress passed the Homeland Security act in 2002 which absorbed every agency at the time who was working in, “Response to disasters caused by terrorism, natural hazards, or technological hazards” (Haddow 331). Among other agencies, the DHS assumed responsibility over other agencies who presided over the borders and ports as well as those responsible for immigration and citizenship. After reviewing the Brief Documentary History of the Department of Homeland Security, there is not one mention of natural disasters

Read More

Cybersecurity Personal Statement Examples

705 Words | 3 Pages

Cybersecurity has become a growing cause for concern in the United States and indeed countries around the world. On February 9, 2016 President Barack Obama announced his Cybersecurity National Action plan (CNAP) to further the nations efforts to protect government agencies, citizens, and businesses from cyber threats domestic and abroad. However, cybersecurity is not a new issue in fact it is as old as the internet itself. With that said, I keep thinking back to that warm September day stained with the image of an enormous fireball engulfing our small TV set. This horrific day changed the course of history forever along with my future career path.

Read More

Essay On Cyberwarfare

858 Words | 4 Pages

Cyber threats continue to plague governments and businesses around the world. Cyberwarfare is Internet-based conflict involving politically motivated attacks on information and information systems. Normally there are two purposes of Cyberwarfare, espionage or sabotage. Cyberwarfare attacks can disable official websites and networks, disrupt or disable essential services, steal or alter classified data, and cripple financial systems. Cyber operations can also aide military operations, such as intelligence gathering and information warfare.

Read More

More about Analyst Intern To The Cybersecurity Operations Division Of Old National Bank

Related Topics

Open Document