Cis 4203 Forensics Discussion 1 - Overview of Evidence
Discussion 1 - Overview of Evidence Due Sunday by 11:59pm Available after May 16 at 12am
Learning Objectives and Outcomes
* Determine the appropriate digital forensic analysis technique for a given scenario.
Review the information in the text sheet entitled “Overview of Evidence and Digital Forensic Analysis Techniques,” which describes different types of digital forensic analysis techniques, such as disk forensics and e-mail forensics.
Based on the information in the text sheet and in your assigned reading for this week, discuss the following scenarios and determine which type of forensic analysis technique(s) should be used, and why:
1. The Federal Trade Commission disclosed a lawsuit against…show more content… For example, you can use Internet forensics to determine whether inappropriate Internet content access and downloading were accidental.
2. A hacker broke into the primary Web server of a major e-commerce Web site and planted a logic bomb that would cause a Web server to power down. It was programmed to go off at noon the day after Thanksgiving, at the height of the holiday shopping season. Security employees at the e-commerce company were alerted to the possibility of the logic bomb but hadn’t yet located it.
Live system forensics — the process of searching memory in real time, typically for working with compromised hosts or to identify system abuse. Each of these types of forensic analysis requires specialized skills and training. Determine the nature and criminal or civil implication.
The Live System Response methodology is used to acquire volatile data intelligence. Examples: acquire the system time using the commands date /t & time /t (or Uptime.exe); view logged-on user(s) via an independent program like “Computer Manager” under Shared Folder/Sessions.
Also, the “Sysinternals” utilities, using the command “psloggedon”; Open Files; Network Information, Network Connections, Process Information, Process-to-port mapping, Network Status, Clipboard Contents, Service/driver information, Command History, and Mapped Drives Shares.
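As an added example (not part of the original discussion or text sheet), the volatile items listed above can be gathered in one pass with built-in PowerShell cmdlets, writing one file per item and a SHA-256 manifest for integrity. The output path, file names and collection order are assumptions made for illustration.

```powershell
# Added example: collect the volatile items listed above, most volatile first.
# Assumptions: elevated Windows PowerShell 5.1+, and $OutDir (hypothetical path)
# on external media so collection does not write to the evidence disk.
param([string]$OutDir = 'E:\liveresponse')

$ErrorActionPreference = 'Stop'   # make every failure land in the catch below
$stamp = (Get-Date).ToUniversalTime().ToString('yyyyMMddTHHmmssZ')
$case  = Join-Path $OutDir "$($env:COMPUTERNAME)_$stamp"
New-Item -ItemType Directory -Path $case -Force | Out-Null

$steps = [ordered]@{
    '01_time_uptime' = { [pscustomobject]@{
        Local    = Get-Date
        Utc      = (Get-Date).ToUniversalTime()
        LastBoot = (Get-CimInstance Win32_OperatingSystem).LastBootUpTime } }
    # Process-to-port mapping: each socket with the PID and name that owns it
    '02_tcp_with_process' = { Get-NetTCPConnection | Select-Object LocalAddress,
        LocalPort, RemoteAddress, RemotePort, State, OwningProcess,
        @{ n = 'Process'; e = { (Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue).ProcessName } } }
    '03_udp_endpoints' = { Get-NetUDPEndpoint | Select-Object LocalAddress, LocalPort, OwningProcess }
    '04_processes' = { Get-CimInstance Win32_Process |
        Select-Object ProcessId, ParentProcessId, Name, CreationDate, CommandLine }
    '05_logged_on_users' = { Get-CimInstance Win32_LoggedOnUser | Select-Object Antecedent, Dependent }
    '06_smb_sessions'    = { Get-SmbSession }     # remote sessions to this host
    '07_smb_open_files'  = { Get-SmbOpenFile }    # files opened over those sessions
    '08_clipboard'       = { Get-Clipboard }
    '09_net_config'      = { Get-NetIPConfiguration -Detailed }
    '10_services' = { Get-CimInstance Win32_Service |
        Select-Object Name, State, StartMode, ProcessId, PathName }
    '11_drivers'  = { Get-CimInstance Win32_SystemDriver |
        Select-Object Name, State, StartMode, PathName }
    # Covers only the collecting account's PowerShell (PSReadLine) history
    '12_ps_history'    = { Get-Content (Get-PSReadLineOption).HistorySavePath }
    '13_mapped_drives' = { Get-SmbMapping }
    '14_shares'        = { Get-SmbShare }
}

foreach ($name in $steps.Keys) {
    $file = Join-Path $case "$name.txt"
    try   { & $steps[$name] | Out-File -FilePath $file -Encoding utf8 -Width 4096 }
    catch { "COLLECTION FAILED: $($_.Exception.Message)" | Out-File -FilePath $file -Encoding utf8 }
}

# Hash every output file so later tampering or corruption is detectable
$hashes = Get-ChildItem -Path $case -File | Get-FileHash -Algorithm SHA256
$hashes | Select-Object Hash, Path |
    Export-Csv -Path (Join-Path $case 'sha256_manifest.csv') -NoTypeInformation
```

A failed step leaves a file recording the error rather than a silent gap, so the examiner can see which items were not captured.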
Software forensics or malware forensics — the process of examining malicious