In this module, we have learned about infrastructure, endpoint, and network atta

In this module, we have learned about infrastructure, endpoint, and network attacks.
For this discussion, select one of the following cyber incidents:
Colonial PipelineLinks to an external site. https://www.bloomberg.com/news/articles/2021-06-04/hackers-breached-colonial-pipeline-using-compromised-password
ParlerLinks to an external site. https://www.usatoday.com/story/tech/news/2021/01/11/parler-hack-platform-archived-hackers-capitol-riots/6629772002/
FacebookLinks to an external site. https://www.businessinsider.com/stolen-data-of-533-million-facebook-users-leaked-online-2021-4
Florida’s water supplyLinks to an external site. https://stateline.org/2021/03/10/florida-hack-exposes-danger-to-water-systems/
VolkswagenLinks to an external site. & Audi https://www.cnn.com/2021/06/11/cars/vw-audi-hack-customer-information/index.html
Any global cyber hack/incident that was well published and took place in 2019 to the current that was based on vulnerability scanning.
You are assuming the role of a SOC analyst in the data center at the organization of your choosing. Currently, it is all systems go and green light status throughout the network. Then suddenly, you get an alert of some sort indicating a vulnerability scan is taking place (you pick which type).
Considering this, respond to the following questions for your initial post:
What is the alert that is coming in and from what device(s), tool(s), or software? What is it indicating?
How are you proceeding to determine if the alert is real or a false alarm?
What tool(s) are you using in your process?
What framework(s) are you using in your process?
What data are you collecting during your initial stages and where are you recording it?