Threat Analysis & Forensic Investigation

PBQ #4 - Attack Identification & Forensic Analysis

Scenario
You are a security analyst responding to multiple security incidents across your organization's network. Your tasks are:

1. **Attack Identification**: Match each attack description to the correct attack type and recommend the best remediation action.
2. **Patient Zero Analysis**: A malware outbreak has occurred on three servers. Review the antivirus logs for each server to identify which server was the origin of the infection (Patient Zero), which servers are currently infected, and which servers are clean.

Server Information:

- Server A: 192.168.10.22 (File Server)
- Server B: 192.168.10.37 (Application Server)
- Server C: 192.168.10.41 (Database Server)

Your goal is to correctly identify attack types, recommend appropriate remediation, and determine the infection status of each server based on log analysis.
Part 1: Attack Identification & Remediation
Match each attack scenario to the correct attack type and recommended remediation
1. An attacker sends multiple SYN packets from multiple sources
2. The attack establishes a connection which allows remote commands to be executed
3. The attack is self-propagating and compromises a SQL database using well-known credentials as it moves through the network
4. The attacker uses hardware to remotely monitor a user's input activity to harvest credentials
5. The attacker embeds hidden access in an internally developed application that bypasses account login

Part 2: Patient Zero Analysis - Server Log Review
Review the antivirus logs for each server, then classify its infection status (Patient Zero, infected, or clean).
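The Patient Zero method the PBQ asks for (earliest detection marks the origin; a server stays infected while any detected file has no successful quarantine or removal) as an added worked example. The log format and every log entry below are constructed for illustration and are not the PBQ's logs, so the result says nothing about the real exercise's answer.

```python
from datetime import datetime

# Constructed sample antivirus logs, one list per server from the scenario.
# Assumed line format: "<date> <time> <host> <EVENT> <detail>".
SAMPLE_LOGS = {
    "Server A (192.168.10.22)": [
        "2024-03-05 09:14:02 srv-a DETECTED Worm.Generic in C:\\share\\invoice.exe",
        "2024-03-05 09:14:05 srv-a QUARANTINE_FAILED C:\\share\\invoice.exe",
        "2024-03-05 09:52:10 srv-a DETECTED Worm.Generic in C:\\share\\invoice.exe",
    ],
    "Server B (192.168.10.37)": [
        "2024-03-05 08:31:47 srv-b DETECTED Worm.Generic in C:\\temp\\update.exe",
        "2024-03-05 08:31:49 srv-b QUARANTINE_FAILED C:\\temp\\update.exe",
    ],
    "Server C (192.168.10.41)": [
        "2024-03-05 07:00:00 srv-c SCAN_COMPLETE 0 threats found",
        "2024-03-05 10:03:00 srv-c DETECTED Worm.Generic in C:\\data\\dump.exe",
        "2024-03-05 10:03:01 srv-c QUARANTINED C:\\data\\dump.exe",
    ],
}

REMEDIATED = {"QUARANTINED", "REMOVED"}  # events that close an open threat


def parse_line(line):
    """Split one log line into (timestamp, host, event, detail)."""
    date, time, host, event, *rest = line.split()
    ts = datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S")
    return ts, host, event, " ".join(rest)


def server_status(lines):
    """Return (time of first detection or None, 'infected' or 'clean')."""
    events = sorted(parse_line(line) for line in lines)  # chronological order
    first_detection, open_threats = None, set()
    for ts, _, event, detail in events:
        path = detail.split(" in ")[-1]  # file path is the last part of the detail
        if event == "DETECTED":
            first_detection = first_detection or ts
            open_threats.add(path)
        elif event in REMEDIATED:
            open_threats.discard(path)
    # A failed quarantine leaves the path in open_threats, so the host stays infected.
    return first_detection, ("infected" if open_threats else "clean")


def classify_servers(logs):
    """Classify each server; the earliest first detection is Patient Zero."""
    summary = {name: server_status(lines) for name, lines in logs.items()}
    detected = [(ts, name) for name, (ts, _) in summary.items() if ts]
    patient_zero = min(detected)[1] if detected else None
    return {name: ("patient zero" if name == patient_zero else status)
            for name, (_, status) in summary.items()}
```

Comparing timestamps across hosts assumes their clocks are synchronized; check that before trusting the earliest-detection rule on real logs.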