CTEC3424 Network Forensics Assignment

Reference no: EM132870765

CTEC3424 Network Forensics - De Montfort University

Network Forensic Report

Learning outcome 1: Apply research based approach to forensic analysis;

Learning outcome 2: Analyse and interpret digital evidence from a variety of sources;

Learning outcome 3: Present findings to both executive and technical audiences;

Tasks to be undertaken:

In this coursework you are expected to:

1. Ensure evidence is preserved at all times - and prove it has been;

2. Analyse the artifacts to extract the evidence which can be used in court to prove the incident;

3. Go through the evidence and write a report to explain what was happening at the time the evidence was being captured;

4. Propose a plan to mitigate issues in the future;

5. Express the technical details in such a way that the non-technical executives can easily understand what has happened and the reasons behind the recommendations you make to ensure they can make an informed decision about the next actions to take to prevent future issues;

Background:
You have been hired by a local company to investigate an incident involving their computer network. Recently, the network admin of the IT department reported anomalous activity in the company's network, but his team is unable to investigate the network internally because they do not have staff with expertise in network forensics. You will be working as a Network Forensic Investigator for the duration of the assignment.

The network admin has been able to obtain a .pcap file for you to analyse. They have not been very helpful with the issues they are having, but they have found some strange files whilst they were looking around the network to try to work out what was going on, and have also provided them for you to analyse.

Initially the company plans to keep this entire matter internal. However, if evidence of a criminal nature is discovered during the course of the investigation, they are fully willing to take the matter to court. They therefore expect you to undertake the investigation from the beginning with the due care and attention that you would give to a case presented to you as a criminal case from the start.

This means that you will need to keep everything confidential and you should not disclose anything to do with the investigation to anyone except the network admin. In particular, they have mentioned that, as they are unsure whether the issues are internal or external, you should not speak to anyone else within the company or building.

Notes:

1. You must write the report so that the executives of the company can understand what the issue is, or the issues are, and how they relate to the company problems they are experiencing. As the network executives are not as technical as we are, they will need items introduced then explained in clear non-technical UK English;

2. You will need to use the provided template for the report. Any specific proof should also be attached and indicated as such; however, it should not be in the main part of the report, as the network executive will hand that over to their lawyers and technical experts to deal with;

3. You will need to make sure you include enough detail so that should the investigation go to court, another specialist could follow your report and share the same findings as you did;

4. Don't forget you will still need to use Harvard referencing, make use of appendices, and MAKE SURE you are using UK English spellings throughout;

Case Description:
CheckThatItem is a local consultancy agency that helps customers check the quality of items before they buy. Over the past couple of weeks, the agency's network has been experiencing several suspicious activities, including attempts at illegal access and at bringing its services down. The company executives have asked you to assist them with investigating the issues because they are not sure whether something is going on inside the network or outside it. They have been receiving confusing and sometimes conflicting information from the IT team, and some of the details are so technical that it is hard to work out which bit is the problem and which is the solution, even when they have asked for clarification.

Suzan, the executive in charge of the IT team reported the following issues:

"We are having a lot of strange issues; however, the problems seem to be intermittent. The IT team maintain that they have no issues flagging up and the services are all up and running fine at their end. There also seems to be some file problems, items have been slow to open, or the files will not open at all."

CheckThatItem has requested your services in order to ascertain:

1. If there has been some sort of intrusion to their network;
a. If there has, did they get into the network;
b. What did they do if anything once inside - did they take anything or leave anything;

2. If there has been an inside incident, what has been done and who is involved;

3. A timeline of events;

4. If it looks like there is or has been any criminal activity or UK laws have been broken, the CheckThatItem executives will cooperate fully with the police on the matter, so they wish to be informed if this is the case, any proof of this activity will need to be collected and preserved as per usual guidelines.

5. If there is anything the company can do to help prevent future issues, particularly staff training and any software that you would recommend;

Attachment:- Network Forensics.rar
