1. Read the scenario, access the resources, and review the rubric below to help you understand the assignment. The final paper will be due in Week 7. You should begin working on the assignment right away, and you will share your progress in Week 6. 2. Write a paper that follows the listed parameters, addresses the important concepts, and includes the required sections: 3. Your paper should enable a casual reader to understand this topic and its importance. Please make sure the following outcomes are addressed within your paper: In week 7 with the specific date posted in Blackboard. You will be directed to complete and share parts of this assignment in Week 6. A large multinational fintech wanted to conduct a Red Team Assessment to evaluate its ability to detect and respond to a real-world cybersecurity attack.The read team started their assessment by sending a phishing email that persuaded the victim to log in to a fake portal hosted on a server to obtain valid credentials. While a small number of users clicked on the malicious link sent in the email, none of them submitted their credentials. This could be attributed to the regular social engineering tests and security awareness training delivered to staff.After the failed phishing campaign, the team went back to the drawing board to come up with a new plan of attack. Reviewing the companys Twitter account, the team discovered that they host a monthly community event at one of their buildings. The team registered for the event to deploy a purpose-built device into their internal network. The device will allow the team to gain remote access to the network using either an independent wireless connection or a 3G/4G mobile connection.Two members of the red team attended the event. They managed to slip away from the main event to see if there were any unlocked offices or conference rooms. Once a room had been found. One team member acted as a lookout while the other plugged the device and checked that he could reach it from his mobile phone. Shortly afterward the testers left the event and joined the rest of the team in a coffee shop down the road. Once connected to the network, the team started mapping the internal network and gathering additional information. Over the next couple of days, the team captured several password hashes, which were achieved by exploiting a weakness in Windows broadcast protocols. However, users appeared to be using strong complex passwords and it was not possible to crack the hashes to recover clear-text passwords. The team then decided to relay a captured hash belonging to a user and use it to log in into a workstation where they had local administrative privileges. This allowed them to extract the clear-text password of the currently logged-in users from memory.
