Step 13: Evaluate and Execute the Data Exfiltration Service-Level Agreements (SLAs)
You’ve communicated the attack to your other nation teams, and your team has determined that all the nation teams were under data exfiltration attack and that they sustained latency or even unavailability of their networks. Now the CIOs have directed that the service-level agreements (SLAs) be reviewed to determine what the attack means for the cost and services rendered. Technologically trained professionals increase their marketability and hireability when they can demonstrate business acumen as well as technical expertise. And with more integrated environments following on-demand service structures such as cloud computing, it is imperative that cybersecurity professionals be able to assess whether their organization is getting what it paid for.
You may have determined a network topology for your nation team, or you may have researched a network topology and are using that as the basis for your analysis, citing the researched information using APA format. In these topologies, you will research the operating system vulnerabilities (operating system fundamentals, operating system protections). You will identify requirements for operating system security to address these vulnerabilities.
You will then formulate a service-level agreement to mitigate the vulnerabilities, particularly for data exfiltration activities.
Produce a three- to five-page Service-Level Agreement (SLA) that you believe is best to serve the nation teams’ security protections. If you research sample SLAs, provide citations.
Include:
- an agreement not to engage in testing data exfiltration without notifying the internet service provider (ISP)
- metrics for availability
- bandwidth requirements
- monitoring from the ISP’s network
- traffic reports to be received and access to ISP information on net defense and best practices
- testing of nation teams’ configurations by the ISP
- other components needed to fulfill your nation team’s requirements
Perform an evaluation of the SLA that you created, and in a checklist format, report on the performance of the ISP during the data exfiltration attack. Conduct independent research if a checklist example is needed. If you model your checklist after an existing resource, cite and reference it using APA format. Estimate costs of services or any compensation owed to the nation team. Include written justification to the ISP for the downtime due to data exfiltration. This evaluation is included in the three- to five-page requirement.
In the next step, you will take on “packet sniffing” in the lab, as you move to a digital forensics role in the investigation.