CIS 417 Computer Forensics Securing the Scene

Strayer CIS 417 Computer Forensics Assignment 3 Securing the Scene
Imagine you are a digital forensic investigator for a healthcare organization. You learn from your internal information security department that an employee has been using password-cracking software to access confidential customer insurance information. The account information extracted is unknown at this time, though it appears as though multiple computers were being used for the crime and it isnt clear whether an attack is currently in progress. The employee has been detained but his computers remain online.
Write a two to three page paper in which you:
1. Develop a detailed plan to approach and secure the incident scene based on the information you
have from the scenario.
2. Discuss the initial steps you would take for the investigation, depending on whether or not the
attack is still in progress. Include how your actions would differ based on the current status of the
3. Explicate the importance of creating an order of volatility by identifying the potential evidence that
is the most volatile. Explain, in detail, how you would extract this evidence.

Download Now
(sent via email)

Close Menu