Network Forensics
Final Lab Project Instructions
The lab requires you to finalize the report based on the material provided in week 7.
You must have an executive summary that provides an overview of what happened and describes recommended courses of action.
Answer all the components required in the report template. Include supporting documents—such as screenshots, malware analysis, or reports generated by tools you have used—as appendices to the report. If you include an appendix item, it must be referenced somewhere in your report.
Do not provide a data dump and expect your instructor to parse your results. Provide a clear, concise report of findings supported by tool usage and, most important, your analysis of the events and how they will affect—or already have affected—the organization.
Submission requirements
· Font: Calibri
· 12-point
· Double-spaced
Introduction
Understanding the impact on the organization is a key trait for a forensic analyst. Digital forensics is not just data dumping; it’s the analysis piece that is crucial to the discovery of second- and third-order effects within the organization’s network.
Week 7 is the beginning of the hands-on practical application portion of your final exam, which will continue in week 8. Given a variety of evidence and indicators, you must analyze the intrusion that took place and derive a mitigation strategy from it. Download the case material as indicated by your instructor. Be sure to verify each evidence file against the MD5 hash file provided with it before you begin analysis. This is the point at which all the pieces and components come together: processing the evidence, generating a report, and recommending mitigation strategies.
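The evidence verification step above, as an added example that is not part of the course material: a script that checks delivered evidence files against an md5sum-style hash manifest and reports which files are intact, altered, or missing. The file names, contents, and manifest are constructed inline for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path

def md5_of_file(path, chunk_size=1 << 20):
    """Stream the file through MD5 so large evidence images fit in memory."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def parse_manifest(text):
    """Parse md5sum-style lines ('<hex>  <name>' or '<hex> *<name>')."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, name = line.split(None, 1)
        entries[name.lstrip("*")] = digest.lower()
    return entries

def verify_evidence(manifest_path):
    """Return {name: 'ok' | 'MISMATCH' | 'MISSING'} for every manifest entry."""
    manifest_path = Path(manifest_path)
    expected = parse_manifest(manifest_path.read_text())
    results = {}
    for name, digest in expected.items():
        target = manifest_path.parent / name
        if not target.is_file():
            results[name] = "MISSING"
        elif md5_of_file(target) != digest:
            results[name] = "MISMATCH"
        else:
            results[name] = "ok"
    return results

def demo():
    """Constructed sample: one intact file, one altered after hashing, one absent."""
    workdir = Path(tempfile.mkdtemp())
    (workdir / "capture.pcap").write_bytes(b"constructed pcap bytes")
    (workdir / "memory.raw").write_bytes(b"constructed memory image")
    lines = [f"{md5_of_file(workdir / n)}  {n}" for n in ("capture.pcap", "memory.raw")]
    lines.append("d41d8cd98f00b204e9800998ecf8427e  disk.E01")  # listed but never delivered
    (workdir / "evidence.md5").write_text("\n".join(lines) + "\n")
    (workdir / "memory.raw").write_bytes(b"tampered after the manifest was produced")
    return verify_evidence(workdir / "evidence.md5")

if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{status:9} {name}")
```

Record the verification output in an appendix and reference it in the report; MD5 confirms the copy matches what was delivered, but since it is not collision resistant, a SHA-256 digest recorded alongside it is good practice.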
Readings
1. The documents listed in the links below are examples of Incident Response Plans that, once filled in, could become a viable starting point for your organization.
a. https://cdt.ca.gov/wp-content/uploads/2017/03/templates_incident_response_plan.doc
These lab reports are samples. Please use the Forensic Investigative Analysis Report template provided in the Course Documents folder to structure your assignment.
2. Use this guideline from Berkeley Security to assist you in getting started with the Incident Response Plan should an incident occur.
a. https://security.berkeley.edu/content/incident-response-planning-guideline
3. You already looked at portions of this NIST guide; now use chapters 1–8 to provide guidance as you make your way through the case evidence for relevant reporting points.
a. Computer Security Incident Handling Guide