Recommendation on the action that the company needs

Reference no: EM13838921

Question:

Please read all the instructions and rules carefully, including the number of words to be written.

The Case - A Digital Forensic Investigation Plan

Summary:

Impact Financial Services Australia (IFSA) is a specialist provider of high-quality consumer finance services to a global network of customers. It has been operating since 1990 and employs more than 1500 employees worldwide. IFSA serves more than 5 million customers globally. The company's main office is situated in Melbourne with other branch offices located in all major cities in Australia.

IFSA has invested heavily in information technology for supporting its global business operations and achieving competitive advantages over its competitors. Major investments were made by the company in 2001, but in recent years management has lost focus on updating the networks and application infrastructure that support the business operation. The network environment between all of IFSA's offices is flat and relatively unrestricted. Users from one office can access systems and servers from another office. Workstations and servers are typically UNIX/LINUX-based. Firewalls and network segmentation are implemented poorly throughout the environment. Intrusion detection and logging exist on systems but they are not effectively used.

Last week, one of the employees, Richard, at the Sydney office went in to work early and when he got connected to his computer, he found that someone was already connected to his computer with several windows opened. As he stared at it, his computer system got disconnected. He then tried to get connected again, but he was logged out. He called the IT manager, who followed a plan for such incidents. This includes disabling Richard's account and examining the server security logs. The IT manager found that the IP address of the computer that was connected to John's computer belongs to a computer used to run a data projector at the Melbourne office. He quickly rang the Melbourne office to check who had used the computer and requested the logs of people who have swiped into the building. He found out that even that machine was compromised. An urgent meeting with the management concluded that a security breach has occurred and that a forensic team will be set up to investigate this matter and stop recurrence of such issues. As an information security officer, you are asked by the management to investigate to find out the extent of this security breach and Richard's activities, if others are involved, who is affected and whether criminal charges need to be laid.

Requirements:

Your task is to prepare a digital forensics investigative plan to enable a systematic collection of evidence and subsequent forensic analysis of the electronic and digital data. Assuming all systems are UNIX/LINUX-based, this plan should detail the following:

• justify why use of the digital forensic methodology and approach is warranted including appropriate procedures for corporate investigations such as this.

• describe the resources required to conduct a digital forensic investigation, including skill sets and required tools of the team members.

• outline an approach for data/evidence identification and acquisition that would occur in order to prepare the auditors for review of the digital evidence.

• outline an approach and steps to be taken during the analysis phase making the assumption the computer system is a UNIX/LINUX-based computer.

• make a recommendation on the action that the company needs to take against the offender.

Tips for preparing your digital forensics investigative plan

In writing the digital forensics investigative plan, students need to address the following points. Do note that the points listed below are not exhaustive and need to be considered as helpful tips.

• Justify a need for digital forensics methodology and consider the scope of the case, including the nature of the alleged misconduct, leading to consideration of how electronic and digital evidence may support the investigation. The plan should consider how digital forensics differs from other techniques (such as network forensics, data recovery) and detail the overall steps for the systematic digital forensics approach.

• Consider the required resources and include details regarding the preparation plan for evidence gathering (such as evidence forms, types, storage media and containers), the forensics workstation and peripherals needed, software/tools for analysis depending on the type of evidence to be gathered, including the rationale for the selected tools, and consideration of team member skills in digital analysis (such as OS knowledge, skills for interviewing, consultation, working as per the needs of the auditing team and understanding of law and corporate policies).

• Detail the approach for data acquisition, including the different types of evidence that can be gathered and their sources depending upon the nature of the case and scope of investigation; develop a plan for data acquisition, including the rationale for the selected plan and contingency planning; detail the type of data acquisition tools needed, including rationale, and an outline for the data validation & verification procedures.

• Provide an outline of the forensic analysis procedures/steps depending upon the nature of the evidence to be collected, and detail the validation approach. This can include techniques to counter data hiding, recovering deleted files, and procedures for network and e-mail analysis.

• Prepare a recommendation on the action that the company needs to take against the offender.

• The table of contents for the investigative plan should consider what to include in the report, the structure of the report, and the focus or scope of the report, including supporting material to be provided and references. This table of contents should include headings and sub-headings pertaining to the aspects addressed in the above dot points.

• Prepare a professional report with an Executive Summary, a Word generated table of contents, an Introduction, a body of report with proper headings and sub-headings, and a Conclusion.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd