The SITREP (Situation Report) Sample Report is provided so that you can understand what Cyber Command is expecting in your report. Your report will vary depending on the problem and too


The SITREP (Situation Report) Sample Report is provided so that you can understand what Cyber Command is expecting in your report. Your report will vary depending on the problem and tool selected.

Select one of the seven network problems and develop a troubleshooting and tool report that details the solution.

  1. On Day 2 of full operational capability (FOC), our connection to the internet was becoming intermittent. We could establish connections to our globally hosted servers some of the time. The connection would drop at seemingly random periods and we don't know why. We have experienced this day and night, and it has been consistent for the past three days.
  2. When our connection to the internet is working, we seemingly cannot reach out to our globally dispersed servers from our hosts. We use the globally dispersed servers for command and control and must be able to connect to them. We need a method to determine where the packets are going and why they are not reaching their destination. Because these servers are globally distributed, we can't just pick up and deploy to them.
  3. Our internal network servers are also spotty. Sometimes they are up, and sometimes they are down. For example, the DHCP server appears to provide IP addresses to hosts that are turned on sometimes, but other times when the host is turned on, it receives an Automatic Private IP Address (APIPA). These hosts can communicate with our networked hosts locally, but they can't reach out to our global servers. These hosts enable our persistent engagement capability, so they must be functional, and we need to determine the problem ASAP!
  4. We have a team that can troubleshoot from afar, but the members are located 25 miles west of this location. We have one of the tech support personnel deployed on site, but there are just too many issues for one person. The support team that is 25 miles west is centrally located to support multiple operational outfits. That team has a virtual private network (VPN) and secure access to our internal servers. At times, support team members need to determine which of our hosts are functioning. We use both Microsoft Windows and Linux operating systems, but we don't know what tool will help determine host functionality from afar.
  5. This next part is classified, but I need your help, and I need it fast. Bottom line, we believe there may be an insider threat. At times, we have reason to believe a nonapproved device is connecting to the network and reaching out to the internet. We need a method to determine what devices exist on the same subnet of our network. What can help us do that?
  6. When we begin operations in 72 hours, it will be of utmost importance for us to know what device name is associated with what IP address. This will allow us to know what exists internally and what we need to defend should the adversary begin operations against us. We need to understand what options exist to achieve this task.
  7. When we first arrived and established our connection to the internet, we noticed inbound connection requests. What tool can we use to determine if any adversary is reaching into our systems through a particular port or protocol?

Your report should be about a page in length and address the following:

  • Choose and restate one of the problems identified as you understand it and explain why it is a problem.
  • Describe how you would apply the steps in the Network+ troubleshooting model to this problem.
  • Name and provide a brief overview of the tool that could solve this problem (refer to Lesson 17 in uCertify).
  • Describe how the tool can be used to solve similar problems in the future.
  • Provide a detailed overview of the tool's functionality and options.
  • Include a screenshot of your selected tool from the appropriate uCertify lab.

How Will My Work Be Evaluated?

Troubleshooting refers to the process of identifying problems with a network through a rigorous and repeatable process and then solving those problems using testable methods. An important part of your duties in the networking field will be to troubleshoot and solve problems. In fact, most of your time will be spent with this focus, including optimizing performance. Networks are dynamic in implementation and are built to be resilient, but problems arise for many unforeseen reasons. Developing the knowledge, skills, and experience to successfully troubleshoot and recommend solutions will show that you add value to the organization.

For this assignment, you are asked to review a scenario, understand the problems, apply your knowledge and skills gained in this class, and propose a solution. Use the template provided and complete the assignment. An example solution is provided for you.

The following evaluation criteria aligned to the competencies will be used to grade your assignment:

  • 1.2.3: Explain specialized terms or concepts to facilitate audience comprehension.
  • 1.3.5: Adhere to required attribution and citation standards.
  • 1.4.1: Produce grammatically correct material in standard academic English that supports the communication.
  • 2.1.1: Identify the issue or problem under consideration.
  • 2.3.1: State conclusions or solutions clearly and precisely.
  • 10.1.1: Identify the problem to be solved.
  • 13.1.1: Create documentation appropriate to the stakeholder.

When you are finished, delete the instructional text from the template before you submit. Click "add a file" to upload your work, then click the Submit button.

Troubleshooting and Tool Report

[Insert name]

Network Problem Selected

Choose and restate one of the problems identified as you understand it and explain why it is a problem.

Troubleshooting Steps

List the steps in the Network+ troubleshooting methodology.

Tool and Description

Name and provide a brief overview of the tool that could solve this problem (refer to Lesson 17 in uCertify).

Tool Operational Use Case

Describe how the tool can be used to solve similar problems in the future.

Tool Functionality

Provide a detailed overview of the tool's functionality and options.

Include a screenshot of your selected tool from the appropriate uCertify lab.


Troubleshooting and Tool Recommendation: SITREP Sample Report

Problem:

Each of the 15 networked servers and 400 hosts is generating logs. Some of these logs are likely due to security issues. We only have 10 network security workers, and they don’t have the time to review each log that is generated across the network. This is a problem because the logs can identify security issues, host events, network optimization challenges, and errors. We need an automated method to collect, centrally store, and analyze the logs, only generating an alert when human intervention is needed.

Troubleshooting Steps:

[List the networking troubleshooting methodology]

Tool and Description:

To solve the problem identified, it is proposed that [Logstash] be implemented within the network. Logstash (a fictional tool) is a free and open server-side data processing pipeline that ingests data from varying sources, transforms it, and displays the results. This tool allows for the collection of logs from virtually any source, including hosts, network devices, and servers. Most logs are in the format of their creator and therefore are not standardized across a network of systems. Logstash normalizes the logs by converting them into key fields and elements that are most important to network security and optimization. This allows users to program alerts on the Logstash server and automatically be alerted to only the most important log alerts. Logstash provides the ability to save time and human capital resources while ensuring network security and optimization capability.

Tool Operational Use Case:

Logstash is being employed in our network to solve the log analysis problem identified above. Once implemented and properly configured, we expect Logstash to allow us to comply with internal security policies and outside regulations and audits, understand and respond to data breaches and other security incidents, troubleshoot systems, computers, and network devices, understand user behaviors, and conduct forensics in the event of an investigation. The deployment of Logstash will also save us valuable time and resources given we only have 10 personnel. The log alerts will enable network support personnel to respond only to the most crucial alerts, while ensuring nothing of critical importance goes unnoticed.

Tool Functionality:

Once Logstash is installed on the server and Linux operating system, its command functionality includes multiple options:

  • Logstash start (this command starts the Logstash service)
  • Logstash -f (this command identifies the log file location)
  • Logstash -in (this command ingests the log files)
  • Logstash -c (this command sets the number of files to ingest before stopping)
  • Logstash -cs (this command sets the ingest to continuous)
  • Logstash -a (this command sets the parameters to analyze and alert)

Example Screenshot of the Windows Command Prompt
