User Account

All Pages

Plan for processing the potential crime-incident scene

Assignment Help Other Subject
Reference no: EM13919918

You are the lead forensics investigator for XYZ, Inc. -- an industry leading cyber forensic company. You have just been notified that a top 5 health care company (HCC Partners in Life) has hired your company to investigate a potential breach of their medical records system.

The HCC Security Operations Center (SOC) identified some "inconsistencies" in the intrusion detection system (IDS) logs that caused the reliability to be questioned. HCC uses Snort IDS' running on Linux systems. In addition, the lead HCC database administrator received a strange e-mail from Human Resources (HR), which contained a benefits attachment. When she opened the attachment, the document was blank. She noticed that her system has been acting "strangely" after opening the attachment. She operates a Microsoft Windows XP workstation.

Your team has been tasked with analyzing the HCC network, database server, and any workstations you suspect to determine if there was a breach and any potential patient data leakage. The database server is a Microsoft Windows 2003 Server running Microsoft SQL Server 2008.

If there is any evidence of a breach, HHC has a history of taking these types of incidents to court for prosecution to the full extent of the law.

A. Describe your plan for processing the potential crime/incident scene. Some of the items you will want to cover include (not all inclusive):

How will your team identify potential digital evidence?

How will you prepare for the search?

What steps will your team take if you need to seize any digital evidence?

What documentation processes will you follow to help support any potential legal proceedings?

How will your team/company ensure proper storage/chain of evidence processes are followed?

B. Discuss how your team will approach and process the database administrator's computer -- considering the potential malware on her system.

Include the steps you will use to image her drive.

The areas on her system you will analyze for potential evidence of infection and/or modification.

C. Discuss how your team will approach and process the database server -- as this is the location for patient medical records.

1. Include the steps you will use to image the server's hard drive.
2. The areas on the server's system you will analyze for potential evidence of infection and/or modification.
3. Other items.

D. Discuss how you prepare your team to be expert witnesses or support any expert testimony court requirements.

Reference no: EM13919918

Questions Cloud

Physiological effects of regular physical activity : Which of the following sports is the least likely to place a young girl or woman at risk for the female athlete triad?
Specialized production machine : On January 1, Beckman, Inc., acquires 60 percent of the outstanding stock of Calvin for $45,780. Calvin Co. has one recorded asset, a specialized production machine with a book value of $13,400 and no liabilities. The fair value of the machine is $64..
Briefly describe the particular feature of internal sourcing : Briefly describe the particular features of "internal sourcing"! Explain the advantages and disadvantages of "stock sourcing" or "just-in-time sourcing"!
Identify range of tools for managing operations in marketing : Identify, analyze and evaluate the range of tools and techniques you can use for managing operations in a marketing company, i.e Computer.
Plan for processing the potential crime-incident scene : Describe your plan for processing the potential crime/incident scene. Some of the items you will want to cover include (not all inclusive):
Write a program to calculate the characteristic impedance : Write a program to calculate the characteristic impedance of all the transmission line topologies
Role and responsibility of the human service worker : Compare and contrast the application of functionalism and interactionist theory to poverty. Describe the role and responsibility of the human service worker in the macro environment.
What are the tasks of procurement market research : What are the tasks of procurement market research? Discuss the advantages but also possible problems tied to a use of the Balanced Scorecard!
What are the consequences for dell cost structure : Do you think that Dell's business model can be imitated by other PC manufacturers and manufacturers in other industries? Why or why not?

Reviews

Write a Review

Other Subject Questions & Answers

  Question about human nature

Tend to be people great, poor, or even a mix of each? Provide causes of your own solution. Would you believe residing morally is really a organic as well as simple procedure, or perhaps a difficult as well as difficult job?

  Examine each persons components of culture language symbols

interview two different individuals regarding their positions in society.nbsp analyze their responses regardingidentify

  Diversity in the workplace and affirmative action

Where can i go to find thesis about diversity in the workplace and affirmative action?

  According to the james-lange theory

You are walking through a store when you run into a friend you have not seen in a long time and whom you miss very much. According to the James-Lange theory, what might happen?

  The most controversial facets of counterterrorism

The most controversial facets of counterterrorism are symbolized by, and the most sensitive aspect of the law deals with intelligence gathering and sharing.

  Calculate the percentage of variance explained for r 053

what is the r value listed for the relationship between variables 4 and 9? describe the correlation r -0.32 using

  What blend of the basic sales tasks

What kind of salesperson (or what blend of the basic sales tasks) is required to sell the following products? If there are several selling jobs in the channel for each product, indicate the kinds of salespeople required.

  Tame or fear the tiger

In Week 2, you were introduced to the influence of geography on an industrial revolution and its impact on culture, economy, and global positioning on the respective country or realm.

  What is the anti-personnel land mine treaty

What is the Anti-personnel land mine treaty? Has it been effective?

  High biometric and low biometric issues

Describe how a low biometric is being used in the public and private sector today.

  Preschool and elementary-aged children

What are the similarities and differences in the physical, cognitive, and socioemotional development between preschool and elementary-aged children.

  Cultural and religious contexts.

Hinduism and Jainism share an understanding of karma, although there are important differences. Other world religions also promote the concept of karma—consider the proverb, “As you sow, so shall you reap.” Identify some negative and positive ways th..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd