Digital Investigations II

You are the senior forensic examiner and incident response team member for a large corporation responsible for protecting national security data and personally identifiable information (PII).

After a string of security incidents reported by competing organizations, you have been asked to attend a meeting with the corporate executives and the Chief Technology Officer (CTO) to discuss the current security practices and policies for intrusion detection and monitoring. Your efforts will ensure that the same threats are successfully detected, analyzed, and eradicated before they can affect the corporation.

The CTO is especially concerned that intruders and attackers may exploit weaknesses in systems used for common services, such as Web sites and e-mail, unless computer security and intrusion detection methods and policies are applied immediately.

Provide a technical synopsis of what you might state in this meeting about how the corporation will be conducting network and OS investigations using forensics tools.

Assignment Guidelines

Include the following for your technical synopsis in a Microsoft Word memo:

  • A title page
  • A report that includes the following:
    • An introduction to the contents of the report
    • Provide a high-level overview of why the organization must use IDS/IPS, WinDump, Snort and TCPdump tools for network monitoring and data capture.
    • Provide a high-level explanation for how forensics investigators perform real-time computer imaging, image verification, and authentication over the network using enterprise forensics tools.
    • A conclusion to the report
    • A reference page in APA format

The report should be a minimum of 3–5 pages in length (excluding the title page) and neatly formatted. Sources should be properly cited in APA style.
