Compare and contrast systems forensic uses of the
military, law enforcement agencies, and private corporations. Determine which
of these groups has the greatest need for systems forensics and what issues may
arise if adequate forensics operations were not in place. Give a justification
with your response.
2. Use the Internet
or the Strayer Library to research at least one commonly used system forensics
software tool.From the e-Activity, discuss Discuss the tool’s primary uses,
strengths and weaknesses, competing products, costs, system requirements, and
whether military, law enforcement and / or private corporations use the tool.
Explain why you would consider utilizing this tool as a system forensics
specialist, and provide a scenario where this tool would assist you in an
investigation.
3. Consider the two
(2) goals of data collection – maximizing the usefulness of the evidence and
minimizing the cost of collecting it. Analyze why these goals can create
significant challenges for an investigator. Determine what potential downfalls
may arise in an investigation when limiting evidence collection operations
purely based on cost.
4. Examine the
nuances of evidence collection when dealing with volatile and temporary data
and provide an example. Suggest at least three (3) procedures, tools, and / or
techniques at the disposal of an investigator that could assist him / her in
evidence collection of this potentially critical evidence.
5. Select two
principles for policy and standards development (accountability, awareness,
ethics, multidisciplinary, proportionality, integration, defense-in-depth,
timeliness, reassessment, democracy, internal control, adversary, least
privilege, continuity, simplicity, and policy-centered security). Examine how these
principles would be the same and different for a health care organization and a
financial organization.
6. Determine which
type of organization would have the most difficulty implementing the principles
you selected. Support your answer.
7. From the
e-Activity, provide a brief explanation of the Operationally, Critical Threat,
Asset, and Vulnerability Evaluation (OCTAVE) methods. Explain how they are
beneficial for organizations developing their IT risk management approaches.
8. From the
e-Activity, explain how the size of the organization impacts the OCTAVE method
utilized. Determine the factors that large organizations, as opposed to small
organizations, are most concerned with. E-Activity for 7/8 –
Operationally, Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) is
a commonly used methodology for risk-based information security assessment and
planning. Review the information located athttp://www.cert.org/octave/. Be prepared to discuss.
Leave them numbered.
