Assignment - Due 9 August 18

profileShiaRo
FINAL_EXAM-661.docx
Home>Computer Science homework help>Assignment - Due 9 August 18

--------------------- Any form of disclosure of any part of this final exam without written permission from the Program Director and UMUC Legal Office is prohibited.  ---------------------

CSEC661 Final Exam  Due Date/Time: 11:59 PM EDT, 8/12/18. Late submissions cannot be accepted, due to end of semester.    This final examination is worth 20 percent of your total grade. There are four (4) questions and the maximum point values are included with each question. The recommended length for the final exam is 10 - 15 doubled spaced pages excluding diagrams, illustrations or other addendum. The use of APA formatting is required for any in-text citations and reference list. Please submit ONE document for all answers in Word or PDF in the Final Exam assignment/dropbox in LEO by the due date. I expect the response to immediately follow the question as follows:

1. Tasking One -- approximately 600 - 1000 words (2 - 4 pages) excluding diagrams, illustrations or other addendum. 

Response for tasking one ….

 

2.             Tasking Two -- approximately 600 - 800 words (2 - 3 pages) excluding diagrams, illustrations or other addendum.

Response for tasking two …

 

3.             Tasking Three -- approximately 600 - 800 words (2 - 3 pages) excluding diagrams, illustrations or other addendum.

Response for tasking three ….

 

4.             Tasking Four -- approximately 600 - 800 words (2 - 3 pages) excluding   diagrams, illustrations or other addendum.

Response for tasking four …

________________________________________________________________

Final Exam Scenario

You are a digital forensics investigator for DFI, LLC. – digital forensic investigation company. You have just been contracted by American Marketing Systems (AMS) to conduct a clandestine investigation in support of a suspected internal skimming operation involving one or more people in the marketing department or accounts receivable.  AMS has reason to suspect that one or more employees are stealing from the company.

AMS is just aware that there is a problem, but they don’t know what the problem is or how the skimming operation is being conducted. Your job is to determine if a skimming operation exists, and if so, who is involved and how they are conducting the operation.

The general method that DFI and AMS agreed upon is to place you into a “created” position with IT as a systems administrator so that you can conduct the investigation under cover of your system administrator role. Nobody within AMS knows of your role as a forensic investigator except the VP of IT, the company controller, and the CEO.  You will only communicate with these individuals off site so as to not blow your cover. ________________________________________________________________

Your Tasking

1. Describe your plan for conducting your investigation. (30 points). Some of the items you will want to cover include (not all inclusive):

a.    What AMS corporate assets you will review

b.    The tools that you will need

c.     The way that you will conduct your review of each asset

d.    History – how far back will you need to go in your review and how will you determine this

e.    Verification – how will you verify your findings

 

2.     Project Plan (15 points).

a) The steps and dependencies in your investigation

b) Time estimate for each task

c) Potential risks and challenges to the investigation and how they should be handled.

 

3.             Determine how you will determine who is involved (15 points).

1. People within AMS.

2. People external to AMS.

3. Methods employed to conduce skimming operation.

4. Other considerations.

4.         Discuss how you will handle potential evidence. (15 points).

1. Chain of custody and preservation.

2. Analysis and reporting.

3. Other items.

________________________________________________________________

Grading Criteria

This assignment is worth 20 percent of your total grade. 

Criteria

Points

Excellent A (90+)

Satisfactory B (80-89)

Needs Improvement (below 80)

Describe your plan for conducting the investigation. (30%)

 

The description of your plan for conducting the investigation is thoroughly developed and logically presented.

The description of your plan for conducting the investigation is sufficiently developed and logically presented.

The description of your plan for conducting the investigation is not sufficiently developed and/or logically presented.

Describe your project plan for conducting the investigation. (15%)

 

Project plan with considerable detail with appropriate time estimates and dependencies.   Risks identified and contingencies described.

Project plan developed with time estimates.  Minor deficiency in plan detail and/or time estimates, dependencies, risks, or contingencies.

Significant shortcoming in project plan, time estimates, dependencies, risks or contingencies.

Describe how you will determine who is involved and what methods they employed. (15%)

 

Description of investigative steps to determine who is involved and methods they employed are thoroughly developed and logically presented.

Description of investigative steps to determine who is involved and methods they employed are

sufficiently developed and logically presented.

Description of investigative steps to determine who is involved and methods they employed is not sufficiently developed and/or logically presented.

Describe how you will handle the evidence chain of custody, how you will conduct analysis, and how you will report results.(15%)

 

Description of evidence handling, analysis, and reporting is thoroughly developed and logically presented.

Description of evidence handling, analysis, and reporting is sufficiently developed and logically presented.

Description of evidence handling, analysis, and reporting is not sufficiently developed and/or logically presented.

Quality of documented support (10%)

 

The discussion in the report thoroughly incorporates the appropriate references in the literature.

The discussion in the report applies the appropriate references in the literature.

The scope of the research presented in the report is inadequate.

Organization (5%)

 

The content is well organized with clear transitions among major subtopics.

The content is generally well organized with some improvement possible in transitioning among subtopics.

The organization of the content is confusing without clear transitions among subtopics.

Writing style (5%)

 

Graduate level writing is reflected throughout the paper, including accurate spelling, punctuation, grammar and sentence structure.

Writing is acceptable, a few errors in spelling, punctuation, grammar, and/or sentence structure.

Writing does not meet graduate standards. Unacceptable number of errors in spelling, punctuation, grammar, sentence structure, and/or citation format.

Use of proper APA formatting (5%)

 

In-text citations are presented in proper APA format and all sources are identified in the reference list and cited in proper APA format.

Minor errors in citation identification and/or APA format.

Unacceptable number of errors in APA format.