·
Case Study 2: Developing the
Forensics, Continuity, Incident Management, and Security Training Capacities
for the Enterprise
Download and read the following articles available in the ACM Digital
Library:
Arduini, F., & Morabito, V. (2010, March). Business continuity and the
banking industry. Communications of the ACM, 53(3), 121-125
Dahbur, K., & Mohammad, B. (2011). The anti-forensics challenge.
Proceedings from ISWSA ’11: International Conference on Intelligent Semantic
Web-Services and Applications. Amman, Jordan.
Write a five to seven (5-7) page paper in which you:
1. Consider that Data Security and Policy Assurance methods are important
to the overall success of IT and Corporate data security.
a. Determine how defined roles of technology, people,
and processes are necessary to ensure resource allocation for business
continuity.
b. Explain how computer security policies and data
retention policies help maintain user expectations of levels of
business continuity that could be achieved.
c. Determine how acceptable use policies, remote access
policies, and email policies could help minimize any anti-forensics efforts.
Give an example with your response.
2. Suggest at least two (2) models that could be used to ensure business
continuity and ensure the integrity of corporate forensic efforts. Describe how
these could be implemented.
3. Explain the essentials of defining a digital forensics process and
provide two (2) examples on how a forensic recovery and analysis plan could
assist in improving the Recovery Time Objective (RTO) as described in the first
article.
4. Provide a step-by-step process that could be used to develop and sustain
an enterprise continuity process.
5. Describe the role of incident response teams and how these accommodate
business continuity.
6. There are several awareness and training efforts that could be adopted
in order to prevent anti-forensic efforts.
a. Suggest two (2) awareness and training efforts that
could assist in preventing anti-forensic efforts.
b. Determine how having a knowledgeable workforce could
provide a greater level of secure behavior. Provide a rationale with your
response.
c. Outline the steps that could be performed to ensure
continuous effectiveness.
7. Use at least three (3) quality resources in this assignment. Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
·
·
Be typed, double spaced, using
Times New Roman font (size 12), with one-inch margins on all sides; citations
and references must follow APA or school-specific format. Check with your
professor for any additional instructions.
·
Include a cover page
containing the title of the assignment, the student’s name, the professor’s
name, the course title, and the date. The cover page and the reference page are
not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
·
·
Describe and apply the 14
areas of common practice in the Department of Homeland Security (DHS) Essential
Body of Knowledge.
·
Describe best practices in
cybersecurity.
·
Explain data security
competencies to include turning policy into practice.
·
Describe digital forensics and
process management.
·
Evaluate the ethical concerns
inherent in cybersecurity and how these concerns affect organizational
policies.
·
Create an enterprise
continuity plan.
·
Describe and create an
incident management and response plan.
·
Describe system, application,
network, and telecommunications security policies and response.
·
Use technology and information
resources to research issues in cybersecurity.
·
Write clearly and concisely
about topics associated with cybersecurity using proper writing mechanics and
technical style conventions.
