You can download the solution to the following question for free. For further assistance in Information Security assignments please check our offerings in Information Security assignment solutions. Our subject-matter experts provide online assignment help to Information Security students from across the world and deliver plagiarism free solution with free Grammarly report with every solution.
(ExpertAssignmentHelp does not recommend anyone to use this sample as their own work.)
One World Finance (OWF) is a specialist provider of high quality, consumer finance services to a global network of customers. Trading in Australia and New Zealand since 1990, the company employs more than 750 employees and the company serves more than 5 million customers. The company's main office is situated in Brisbane with other branch offices located in Sydney and Melbourne.
OWF has invested heavily in information technology for supporting its global business operations and achieving competitive advantages over its competitors. Major investments were made by the company in 2001 but management has lost focus in updating the networks and application infrastructure that supports the business operation in recent years. The network environment between all of OWF offices is flat and relatively unrestricted. Users from one office can access systems and servers from another office. Workstations and servers are typically Microsoft Windows-based. Firewalls and network segmentation are implemented poorly throughout the environment. Intrusion detection and logging exist on systems but they are not effectively used.
Last night, John Marsh at the Sydney office went in to work early and when he got connected to his computer, he found that someone was already connected to his computer with several windows opened. As he stared at it, his computer system got disconnected. He then tried to get connected again, but he was logged out. He called the IT manager, who followed a plan for such incidents. This includes disabling John’s account and examining the server security logs. The IT manager found that the IP address of the computer that was connected to John’s computer belongs to a computer used to run a data projector at the Melbourne office. He quickly rang the Melbourne office to check who has used the computer and requested the logs of people who have swiped into the building. He found out that there were five people in the building at the time, but one employee, Andrew Gale has since swiped out and called in sick. An urgent meeting with the management concludes that Andrew Gale has at least violated company policy by accessing a colleague’s account, but is unsure if he has violated any other policy or engaged in any criminal activity. As an information security officer, you are asked by the management to investigate to find out the extent of Andrew’s activities, if others are involved, who is affected and whether criminal charges need to be laid.
Your task is to prepare digital forensics investigative plan to enable a systematic collection of evidence and subsequent forensic analysis of the electronic and digital data. Assuming all systems are Windows based, this plan should detail following:
Tips for preparing your digital forensics investigative plan
In writing the digital forensics investigative plan, students need to address following points. Do note that points listed below are not exhaustive and need to be considered as helpful tips.
Review your requirements with our FREE Assignment Understanding Brief and avoid last minute chaos.
We provide you services from PhD experts from well known universities across the globe.
No more plagiarism worries. We give you a FREE Grammarly report with every assignment.
One World Finance (OWF) is a provider of high quality finance services to a global network of customers. The main office of this company is in Brisbane and other branches are at Melbourne and Sydney. A lot of investments were made in the year 2001, but no focus was given on updating the network and application infrastructure. The network environment between all the offices was unrestricted. Network segmentations were poorly implemented. Intrusion detection and logging that existed on the system were not effective. Due to such an unsecured system of networks the computer system of Sydney was operated from the Melbourne office. The employee named John Marsh reported about the incident to the IT manager who took immediate action regarding the issue. He disabled John's account and examined security logs of the server and recovered files through digital forensic plan. There are various issues in the organization like One World Finance that makes them arrange an investigator to look into the issue and find out the root cause. It is a key element in every organization these days (Casey, 2012). This assignment aims on investigating the extent of Andrew's activities in using a colleague's system. A digital forensic investigation plan is made to enable a systematic collection of evidence and forensic analysis of digital data. The report also provides recommendations for few finest solutions for the company.
Digital Forensics is a process of identifying, preserving, analysing and presenting digital evidence in such a way that it is accepted legally. Various reasons to conduct a digital forensic investigation are data recovery, criminal investigations and the civil hearing investigation (Fabro, 2008). A digital forensic investigation deals with John Marsh got to know that his system is being compromised. When he logged in, he noticed that several windows were already open and someone else was already connected to his system. He was getting disconnected again from his system again and again so he called up the IT manager regarding the issue. The initial step of a digital forensic methodology is a request for service. This is done to find out whether the company's system is compromised and if it is then what data compromised. The investigator uses the digital forensic methodologies so that necessities for investigation can be fulfilled. There are various digital forensic methodologies like Integrated Digital Investigation Process (IDIP) and Digital Forensic Research Workshop (DFRWS) where the process is identified, preserved, analysed and presented. To get a clear picture of the process involved in data collection during investigation of the process there are several steps for a digital forensic approach that are listed below: