ITEC 4321 Module 14 Assignment

This assignment should take no longer than 3-6 hours to complete, but I am allowing a week of time for completion. This should account for varying schedules. All work submitted during this class should be of your own creation. “Cut-n-paste answers” are not acceptable and will not receive credit toward the assignments in this class.

Assignment Summary:

✓ Read Chapter 14 in the textbook

✓ Check for additional material posted in D2L

✓ Complete the activities below

Module 14 Assignment:

Instructions: Answers should be contained in either a single Word document or PowerPoint presentation. If using PowerPoint, only one answer per slide. Do not zip file before submission. Number your answers appropriately. If a question has multiple parts, be sure to number those as well (1b, 3c, etc.). If you are skipping an answer, number as usual and note “Question Skipped” or “Not Answered.” Keep answers in the order listed in this handout. For written responses, each answer should typically be around 200-250 words (1-2 nice paragraphs), well-written (proper spelling, punctuation, grammar, etc.), and cover the topic fully. Be sure to cite your sources (including the textbook)! If an answer requires a screenshot, please make sure that your screenshot shows all relevant information and is large enough to be easily legible. Points will be deducted if your submission is not properly formatted as detailed above.


You are a digital forensics intern at Azorian Computer Forensics, a privately owned forensics investigations and data recovery firm in the Denver, Colorado area. Azorian is going to give a presentation to the local high school robotics and computer club on malware techniques and digital forensics.

You have been asked to prepare a presentation suitable for a high school audience that briefly describes several types of malware, some high-profile attacks, and some techniques that forensic specialists use to detect malware.

For this assignment:

1. Create a professional PowerPoint presentation summarizing the following:

• Briefly describe each of the following:

o Viruses, worms, spyware, logic bombs, and Trojan horses

• For each type of malware, describe a recent attack that made the news.

• Describe some techniques used by forensic specialists to detect malware.

Use standard (i.e., easy to read) font styles -- no Comic Sans! For slide headings, use 32-point font size. For slide body, try to use 24-28 point but never less than 20-point. Presentation length should be 8 to 12 slides, including title slide, summary slide, and citations slide. (40 points)

2. Log in to the JBLearning Cloud Labs and complete Lab 10: Conducting Forensic Investigations on System Memory. For deliverables, submit the following:

a) From Section 3: Challenge and Analysis, Part 1: Identify Malicious Connections, identify (list) the three processes that connected to What is the name and purpose of the software you discovered? (15 points)

b) From Section 3: Challenge and Analysis, Part 2: Identify Suspicious Outgoing Connections, take a screenshot showing the fixComputer.exe process, and all of those below it, in the pslist output. (15 points)

c) From Section 3: Challenge and Analysis, Part 2: Identify Suspicious Outgoing Connections, take a screenshot showing the output of the yarascan. (15 points)

d) From Section 3: Challenge and Analysis, Part 3: Identify Privilege Escalation, take a screenshot showing the output of your privilege comparison. (15 points)

NOTE: Upload the PowerPoint presentation for deliverable #1 as a separate file from deliverable #2. Deliverable #2 can be either a Word or PowerPoint file. Do not zip/compress files together before uploading to D2L.