please answer the following questions 107

Scenario: An intern employee names James has found a USB on the ground coming into work, he wants to find the owner. He plugs the USB drive into his workstation computer and the drive appears to be empty. He sees that the command prompt flashes open and closes. Unknowingly he just executed a worm or botnet into the network. He informs you (the CIO) that he believes that he has unleashed a worm.

Question 1: How would you track, and remove the worm the network?

Areas to consider: What ports or port types will have unusual activity.

Instructions:

Need minimum 300 words

Need 3 APA References



Question 2: How can correlating data aid in the detection of worm and botnet attacks.

Instructions:

Need minimum 300 words

Need 3 APA References