Description
Please revise paper and lab screenshots (not all) and include citations and references.
Digital Forensic Analysis
Start Here
This project will provide an introduction to digital forensic analysis.
Digital forensic analysis is used to review and investigate data collected through digital communications and computer networks. The National Institute for Standards and Technology (NIST) has defined four fundamental phases for forensic analysis: collection, examination, analysis, and reporting. You will learn more about these concepts as you navigate throughout the steps of this project and read the literature and links found in each step.
There are four steps that will lead you through this project. Begin with Step 1: “Methodology. The deliverables for this project are as follows:
- Digital Forensic Research Paper: This should be a five-page double-spaced Word document with citations in APA format. The page count does not include diagrams or tables.
- In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab.
When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
- 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
- 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response.
- 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement.
Step 1: Methodology
The methodology includes following a systems process. Identify the requirements, purpose, and objectives of the investigation. Click the links below to review information that will aid in conducting and documenting an investigation:
- secure programming fundamentals
- forensics fundamentals
Learn about the investigation methodology. Consider secure programming fundamentals. Define the digital forensics analysis methodology, and the phases of the digital forensics fundamentals and methodology, including the following:
- preparation
- extraction
- identification
- analysis
This information will help you understand the process you will use during an investigation.
Step 2: Tools and Techniques
Select the following links to learn about forensics analysis tools, methods, and techniques:
- forensics analysis tools
- web log and session analysis
- hash analysis
Step 4: Digital Forensics Research Paper
Now that you have learned basics of digital forensics analyses and methodology, and have experienced one of the common forensic tools, use the material presented in this project as well as research you've conducted outside of the course materials to write a research paper that addresses the following:
- digital forensic methodology
- the importance of using forensic tools to collect and analyze evidence (e.g., FTK Imager and EnCase)
- hashing in the context of digital forensics
- How do you ensure that the evidence collected has not been tampered with (i.e., after collection)? Why and how is this important to prove in a court of law?
The deliverables for this project are as follows:
- Digital Forensic Research Paper: This should be a five-page double-spaced Word document with citations in APA format. The page count does not include diagrams or tables.
- In a Word document, share your lab experience and provide screenshots to demonstrate that you completed the lab.
Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
- 5.3: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
- 8.6: Provides professional preparation for computer digital forensics, investigation of crime, and preservation of digital evidence in criminal and civil investigations and information security incident response.
- 8.7: Provide theoretical basis and practical assistance for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement.
Unformatted Attachment Preview
Purchase answer to see full attachment

Explanation & Answer

Hello,Find attached the completed work.Feel free to ask for any editing or clarification if need be.Looking forward to working with you again in the future.Thank you
Attached.
COMPANY X SAR
CONDUCTED DATE
BY NAME
BS CERTIFICATES
Vulnerabilities Assessment Report
What is system vulnerability?
What is the importance of a security assessment report?
What is the importance of security risk assessment?
System Vulnerability leads to compromised information security in terms of:
Compromised information confidentiality
Compromised information integrity
Operating systems(OS)
Vulnerabilities
Linux vulnerabilities
Windows vulnerabilities
Poor data management
system
Outdated running third party
software's like PHP
Weak security policy setting
Undated antispyware and
antivirus software's
Insufficient system hardening
from interception under less
secured networks
Non-existence or weak
passwords on logins, files and
wireless networks
Weak or lack of passwords in
the system
Lack of backups for Linux
based systems
No patching methods for the
system unlike windows
OS Specific Problems
200 of the company machines have Windows OSs
of varying versions 8-10
50 of the company machines have Linux OS of
different versions as well
Three database servers crashed suddenly
Anomalies were also detected in the system
servers and routers
Business Risk versus Security Risk
The major business and security risks the company is prone to are:
Organized crime by either outsiders or insiders (mostly insiders)
who have unauthorized access to the system
Information thieves
Spies (military, commercial)
Enemy states & terrorists
Cyber-threat and attacks
Viruses
Password cracking
Intrusion and penetration attacks
Eavesdropping attacks
Communication hijacking attacks
OS/Application vulnerability attacks
Server and access point impersonation
Phishing and fraud
Social Engineering
Vulnerabilities Assessment Tools
Microsoft Baseline Security
Analyzer(MBSA)
Works with windows OS
It can only scan for service
packs and system and security
updates not the critical
updates
Offers solutions and
suggestions corresponding to
fixing the vulnerability
MBSA is mostly used by small
and medium sized business
organizations in providing
security management to their
entire system
Open VAS
Works with different operating
systems
Services offered are free to the
user
It identifies detailed security
factors related to the
organization system and
network.
With the help of Network
Vulnerability Assessments,
Open VAS is always updated.
Recommendations
Installation of a good identity management system.
Use MBSA vulnerability scanner (Wales, 2003).
It is easily available and easier to use.
This should be after the installation of Windows OS on all
machines.
The role of People
People are the weakest link
The proposed security solutions should be tied to the
company business processes
Effective Corporate governance
Employees throughout the company should be asked to
assume a security responsibility
References
Ali Alheeti, Khattab M.. (2011). Intrusion Detection System and Artificial
Intelligent. 10.5772/15271. (PDF) Intrusion Detection System and Artificial
Intelligent. Available from:
https://www.researchgate.net/publication/221911298_Intrusion_Detection_Syste
m_and_Artificial_Intelligent [accessed Aug 22, 2018]
Assessment, C. R. (1996). Proposed guidelines for carcinogen risk assessment.
Federal Register, 61(79), 17960-18011.
Curphey, M., & Arawo, R. (2006). Web application security assessment tools. IEEE
Security & Privacy, 4(4), 32-41.
Jajodia, S., & Noel, S. (2010). Topological vulnerability analysis. In Cyber
situational awareness (pp. 139-154). Springer, Boston, MA.
Malaka, E. L. (2017). Benchmarking Vulnerability Scanners: An Experiment on
SCADA Devices and Scientific Instruments(Doctoral dissertation, UNIVERSITY OF
ARIZONA).
Robins, Mark. "Feature centric release manager method and system." U.S. Patent
No. 7,266,502. 4 Sep. 2007.
Tanenbaum, A. S. (2009). Modern operating system. Pearson Education, Inc.
Wales, E. (2003). Vulnerability assessment tools. Network Security, 7, 15-17.
Questions and Contact Information
[Insert Contact information]
Running head: DIGITAL FORENSIC ANALYSIS
Digital Forensic Analysis
Student’s Name
Professor’s Name
Course Title
Date
DIGITAL FORENSIC ANALYSIS
Table of Contents
Abstract ...................................................................................................................................... 4
Investigations ............................................................................................................................. 5
Purpose ................................................................................................................................... 5
Objectives ............................................................................................................................... 5
Requirements .....................................................................................
