IT Security Management

[ad_1]
Part 1Developments in the world have shown how simple it is to acquire all sorts of informationthrough the use of computers. Today, social networking services have become a fundamentalelement in people’s lives, as social networking sites are able to connect people, help them getupdates from around the globe, and also make their lives easier by providing other information.This information can be used for a variety of endeavours, and criminal activity is a major one.In an effort to fight this new crime wave, law enforcement agencies, financial institutions, andinvestment firms are incorporating computer forensics into their infrastructure. From networksecurity breaches to child pornography investigations, the common bridge is the demonstrationthat the particular electronic media contained the incriminating evidence. Supportiveexamination procedures and protocols should be in place in order to show that the electronicmedia contains the incriminating evidence. This part is due in week 9. (2,500 words)You are a computer forensics consultants/ digital forensics investigator at UK law firm DuncanLewis Solicitor Company, your responsibilities will include but not limited to:a) Good Practice Guide for Digital Evidence: Provide professional advice to staff to bestpractice and procedures for investigating digital and electronic devices.b) Initial risk assessments ensuring that the devices submitted are safe to be examined.c) Use forensic software and hardware to capture, retrieve, recover and extract data frommobile phones and portable devices in a forensically sound manner whilst keeping alog of the processes used. Where necessary photograph or video record the steps ofthe process.d) Keeping a full log of steps and processes undertaken conduct thorough yet focuseddigital forensic investigations on computers, and other digital devices including smartphones for all cases.e) Developing forensic processes, techniques and programmes in line with advancementsand changes in technology, ensuring they meet accreditation standards and integrityfor court.f) Provide a scene response to digital investigations from the case strategy through to theinvestigation into recovered digital media. Provide a complete service from the outsetof an investigation to the recovery and production of evidential reports.g) Prepare detailed statements and case specific reports in a format suitable for intendedpurpose.h) Provide expert interpretation of evidence produced.i) Attend court when required in the capacity of the Digital Forensic Investigator.Page 4 of 8[1751]Task 1You have been asked by the company to write a technical report to assist law enforcementagencies and prosecutorial offices including all the above responsibilities.(20 marks)(LO 1, 2 &3)Task 2To address the complete investigation process you have to select a series of guides dealingwith digital evidence showing proper evidence handling.The guides in the series will address the followings:a) Design a research method (case study) that contains information about:

The suspect
The background and context at which the case has taken place
The suspected criminal activities.(5 marks)b) Tools and techniques used to commit Cyber-Crimes (e.g. Visual disk image), includingprovide professional guide to staff for how to create activities tracing disk image (i.e.files the suspect may have deleted, overwritten, modified, etc. You can also move filesaround).(5 marks)c) Creating a digital evidence forensic: You need to create a discussion thread in iLearnand post
The disk image file
The meta-data file that contains the hash values etc. of your disk image
The case description fileYou will also need to send a solution file of this case (i.e. evidences to be found and wheresupported by some screenshots) to your tutor’s email. Do not publish this file to the publicdiscussion forum!(10 marks)d) Presenting digital evidence in the courtroom: You should completely and accuratelyreport the findings and results for a court of law explaining the suspect’s recentactivities. Analysing critically your findings, you must support your findings by somescreenshots.(10 marks)(LO 4)Provide annotated screenshots along with an executive summary of the findings and aconclusion.Page 5 of 8[1751]Part 2The main goal of designing secure networks is to manage the risks as effectively as possible,rather than eliminating all the threats. Recently, UK law firm Duncan Lewis alerted regulatorybodies and the National Crime Agency Action Fraud team that a data breach occurred in theirfirm. According to a report in the Law Society Gazette, hackers infiltrated the IT system of thenational firm to harvest data before attempting to spread data through social media. DuncanLewis urged people not to open any links to Twitter accounts that may contain sensitiveinformation as it worked to contain the data breach. To protect their clients, the firm secured aHigh Court Injunction preventing the use, publication, communication or disclosure to any otherperson of any information obtained from Duncan Lewis’ IT systems. Hacking is proving a majorheadache for law firms and other professional services. The Solicitors Regulation Authority,which receives around 40 reports of confidentiality breaches each month, stresses theimportance of running the latest versions of software, in particular, browsers and operatingsystems, and to keep them up to date.You have been asked by Corporate Law Solicitor Company to build a secure network for acompany to prevent hackers from targeting your law firm. The budget, however, needs to bejustified. Thus, you will need to design the layout of users, domains, trusted domains,anonymous users etc. This part is due in week 12. (2,500 words)
Propose the network topology for various servers and the assumed location for trusteddomains such as the location of your firewalls and Intrusion Detection Systems (IDS).(10 marks)
List the common security assumptions in your design that lead to data theft andfinancial loss(5 marks)
Propose FIVE methods for authentication can be used in your design and justify yourdesign choices.(5 marks)
Discus how secure File Transfer Protocol (FTP) services protect sensitive data fromhackers in network and suggest a mechanism to exchange files securely between usersin your design network.(5 marks)
The evolution of the Internet has increased the need for security systems. An importantsecurity product that has emerged is (IDS). What are the main functions of a networkIDS, and where to place it in you design?(5 marks)
Investigate the potential security issues in your own design. In other words, criticise yourown design listing down the possible vulnerabilities it may have.(5 marks)Page 6 of 8[1751]
Explain how you would measure the ROI on security for your system. You should giveexamples for both tangible and intangible assets.(5 marks)
In tips, explain how you could maintain the security to protect your mobile device if thedevice is infected with malware, it may lead to hidden use of premium services, or leakingsensitive information.(5 marks)
How do you encrypt your data (e.g. emails, your files in the cloud and messages) againstunwelcome parties?5 marks(LO 5, 6 and graduate attribute)

Sample Solution

What Students Are Saying About Us

.......... Customer ID: 12*** | Rating: ⭐⭐⭐⭐⭐
"Honestly, I was afraid to send my paper to you, but splendidwritings.com proved they are a trustworthy service. My essay was done in less than a day, and I received a brilliant piece. I didn’t even believe it was my essay at first 🙂 Great job, thank you!"

.......... Customer ID: 14***| Rating: ⭐⭐⭐⭐⭐
"The company has some nice prices and good content. I ordered a term paper here and got a very good one. I'll keep ordering from this website."

"Order a Custom Paper on Similar Assignment! No Plagiarism! Enjoy 20% Discount"