INTRODUCTION TO CYBER THREAT INTELLIGENCE
Use the information from the SIEM dashboard to answer all the questions on the threat intel flow chart below.

Alert Log

| Date | Message |
|---|---|
| Sept 11th 2020, 11:48:00:015 | Account logged on successfully. Account name: Administrator |
| Sept 11th 2020, 11:47:45:789 | Account logged off successfully. Account name: John Doe |
| Sept 10th 2020, 16:34:21:789 | Outbound network flow initiated to 91.185.23.222 |
| Sept 10th 2020, 08:42:29:564 | Registry files modified. |
| Sept 10th 2020, 08:41:35:123 | File download initiated by John Doe. File name: flbpfuh.exe |
| Sept 10th 2020, 08:40:20:091 | Email received by John Doe from [email protected] |
| Sept 10th 2020, 08:40:20:091 | Internal network traffic detected from 91.185.23.222 |

Threat Actor Extraction IP Address?
Threat Actor Email Address?
Malware Tool?
User Victim Logged Account?
Victim Email Recipient?