Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

Patrick the human resources manager at acme company

23/11/2021 Client: muhammad11 Deadline: 2 Day

Final Project Milestone One: Draft Of Report

To complete this assignment, review the prompt and grading rubric in the Milestone One Guidelines and Rubric document. When you have finished your work, submit the assignment here for grading and instructor feedback.

ISE 640 Final Project Forensic Notes

Use the information in this document to help you complete your final project.

Drew Patrick, a director-level employee, is stealing intellectual property from a manufacturing company. The company is heavily involved in high-end development of widgets. Drew has access to corporate secrets and files. He is planning on leaving the company, taking the intellectual property with him, and going to work for a competitor. There is suspicion of him doing this, so human resources (HR) notified the information technology (IT) department to monitor Drew’s past history. An internal investigation is launched due to Drew’s abnormal behavior. The IT department confirms that they have found large files and emails. Forensics identified unauthorized access, transmission, and storage of intellectual property by Drew. Evidence found will be used to support legal civil and criminal proceedings.

Scenario ACME Construction Company designs, manufactures, and sells large construction vehicles that can cost upwards of a million dollars. They spent hundreds of thousands of hours redesigning their premier excavator. Every piece that goes into the excavator is individually designed to maximize the longevity of the equipment. Known for attention to detail, high-quality work, and industry innovation, this painstaking work is what sets ACME Construction company apart and is attributed for the excellent reputation they enjoy. This, in turn, allows them to charge a premium on their exceptionally well-built products.

Drew Patrick is a senior manager directly involved with the overall development of ACME’s excavators. His role provides him with access to design documentation, schematics, support documents, and any other technical references maintained in the company’s research and development (R&D) database. The R&D database is maintained by ACME’s information technology (IT) department, which is supported by a security operations center (SOC). The SOC uses Snort as a core component of their security information and event management (SIEM) system to keep tabs on network traffic, authentication requests, file access, and log file analysis.

The SIEM alerted SOC personnel of potential peer-to-peer (P2P) traffic originating from the internet protocol (IP) address associated with Drew’s computer. However, analysis of Active Directory logs indicated that Drew was not logged into his account at the time the files were transferred via the P2P application. ACME enforces two-factor authentication and does not allow for computer sharing. The SOC personnel began an incident report based on the identification of P2P traffic, which violates company policy. As per company policy, the SOC personnel gave human resources (HR) and the legal team the incident report. The legal team asked for further investigation. Upon further inspection of the P2P activity, several file transfers were discovered. The files transferred match the names of files in the R&D database containing intellectual property developed by Drew’s development team. Additionally, the files were transferred to IP addresses that are not owned or controlled by ACME Corporation.

Analysis of the server access logs indicated that Drew had been logging into the R&D database for several weeks prior to the external file transfers taking place. Network logs from the Intrusion Prevention Systems (IPSs) indicated that the files of interest had been transferred to Drew’s desktop computer prior to the external transfer. ACME has a strict policy against maintaining intellectual property anywhere other than the designated servers. File access logs on the R&D servers confirmed that the account belonging to Drew had copied the files in question.

At this point, fearing a loss of intellectual property, in addition to numerous policy violations, ACME called in the digital forensic team to take over the investigation. The forensics team proceeded to capture the log files from relevant computer systems and created a forensically sound copy of the hard disk drive on Drew’s computer. The log files investigated included the corporate mail, domain name server (DNS), and dynamic host configuration protocol (DHCP) servers, as well as physical access logs. Additionally, packet capture logs from the firewalls and intrusion detection system (IDS) were gathered and analyzed. This detailed investigation revealed that file transfers of intellectual property were indeed done from Drew’s computer, however, Drew’s account was not logged in at the time of the transfer. The only account active on the suspect computer was an anonymous account that had been created on 9/17/2016 at 9:57 p.m.

The following notes were provided by the Forensic Team:

Forensic Team Investigation Notes Notes from the investigative team about the forensic findings of the hard drive image obtained from Drew Patrick’s hard drive:

 Chain of custody document was begun with the sizing of the Western Digital Hard Drive 500 GB with serial number NB497356F from Drew Patrick’s computer.  Hard drive was duplicated using forensic toolkit (FTK) software to preserve the original hard drive image. A hash was created for the original and the copied image to prove both images were the same.  The operating system of the image was Windows-based. The operating system used a new technology file system (NTFS) file structure.  The hard drive was analyzed using Autopsy and Windows Forensic Toolchest. The sort and index functions were used to isolate the files needed for further analysis. These files include types SQL, Excel, email, chat, and HTML. Slack space was also analyzed.

Files and Findings EMAIL (Microsoft Outlook): Numerous emails were found that contained references to proprietary information. Some emails were to non-ACME Corporation email accounts, and they promised information pertaining to equipment design. Follow-up emails were found that asked for assurance of a promised managerial position.

CHAT (AOL Instant Messenger): Several chat conversations were recovered containing information about possession of proprietary documents.

SQL (Microsoft Database): SQL database files revealed proprietary information and connection logs to a remote SQL server. Two additional SQL database files were encrypted and were not successfully unencrypted.

EXCEL (Microsoft Excel): Numerous Excel files were located on the hard drive. These files contained parts list and parts specifications concerning proprietary construction equipment. These files had csv and xls extensions.

HTML: Recovered internet web browser cache revealed that the dark web was searched for proprietary information brokers. An email address was created to correspond in the dark web for buyer transactions called constructionseller@darkweb.com. Internet cache also revealed that YouTube was searched for the subjects “selling intellectual property” and “selling on the dark web.” Recovered internet browser history revealed pictures and illustrations on encrypting SQL database files. Internet browser history also revealed searches concerning how to exploit the vulnerabilities of an SQL database.

SLACK SPACE (hidden data and temporary files): Hidden information in the slack space was revealed to contain temporary internet files on searches for “advertising stolen data” and “hacking sql servers.” These files, once revealed, were in plain text and read using Notepad.

ISE 640 Milestone One Guidelines and Rubric

Overview: The milestone assignments in this course directly support you in the completion of your final project, a forensic investigative report. Consider the feedback you have received in class discussions, along with notes you have made in your non-graded investigative journal, to complete this milestone assignment.

This is Milestone One, a draft of Final Project One: Report. The final product will be submitted in Module Nine.

Please note that your non-graded investigative journal will be submitted with this milestone to ensure completion. Make sure that you are adding to your investigative journal as you complete each module.

Prompt: For the summative assessment, you will be taking on the role of a cybersecurity practitioner. You will need to act as a domain expert communicating to a non-expert stakeholder. For this milestone, you will be providing a summary of the scenario from the forensic notes document. You will also be explaining the relevant procedures needed to maintain evidentiary integrity: legal concerns, processes and procedures, and chain of custody. Lastly, you will be explaining details of the investigation, such as resources needed, methods, and findings. Ensure you review the full scenario in the main project document as well as the forensic notes document before drafting your report.

Specifically, the following critical elements must be addressed:

I. Executive Summary: Set the stage for your report, providing a brief overview of the situation and the stakeholders who are involved.

II. Legal Concerns: Describe the problem(s) and objectives you are working with the company’s attorneys to solve.

III. Relevant Procedures: In this section, you will outline the steps that (hypothetically) you will have to take prior to or as you investigate in order to maintain evidentiary integrity. Use your experiences from other situations you are engaging in within the lab environment to inform your responses.

A. Processes and Procedures: Describe processes or procedures necessary for handling a criminal situation by an internal employee.

B. Chain of Custody: Explain how to maintain the chain of custody as you investigate the various aspects of the incident. Support your response with specific examples.

IV. Details of Investigation: Based on your experiences in the labs, there will be specific resources, methods, and tools necessary to support the investigation in the scenario.

A. Resources Needs: Explain what resources (team knowledge, skills, and abilities) are necessary for gathering the evidence for this forensic investigation. Provide examples based on your experiences from the labs.

B. Methods: Describe the specific forensic method or approach you used to effectively leverage your available resources.

C. Findings: Describe the specific findings and the forensic tactics and technologies you employed to reach them.

V. Investigative Journal Notes: Submit your investigative journal that outlines most of the basics from each of the modules upon which you based your notes.

Rubric

Guidelines for Submission: Your assignment should adhere to the following formatting requirements: Write 4 to 5 double-spaced pages using 12-point Times New Roman font and one-inch margins. You should use current APA style guidelines for your citations and reference list. Be sure to attach both Milestone One and investigative journal files.

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Finance Homework Help
Unique Academic Solutions
Chartered Accountant
Accounting & Finance Master
High Quality Assignments
Isabella K.
Writer Writer Name Offer Chat
Finance Homework Help

ONLINE

Finance Homework Help

I can assist you in plagiarism free writing as I have already done several related projects of writing. I have a master qualification with 5 years’ experience in; Essay Writing, Case Study Writing, Report Writing.

$43 Chat With Writer
Unique Academic Solutions

ONLINE

Unique Academic Solutions

After reading your project details, I feel myself as the best option for you to fulfill this project with 100 percent perfection.

$40 Chat With Writer
Chartered Accountant

ONLINE

Chartered Accountant

I am an experienced researcher here with master education. After reading your posting, I feel, you need an expert research writer to complete your project.Thank You

$48 Chat With Writer
Accounting & Finance Master

ONLINE

Accounting & Finance Master

I am a professional and experienced writer and I have written research reports, proposals, essays, thesis and dissertations on a variety of topics.

$49 Chat With Writer
High Quality Assignments

ONLINE

High Quality Assignments

I am an experienced researcher here with master education. After reading your posting, I feel, you need an expert research writer to complete your project.Thank You

$26 Chat With Writer
Isabella K.

ONLINE

Isabella K.

After reading your project details, I feel myself as the best option for you to fulfill this project with 100 percent perfection.

$50 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

Research Proposal On The "Impact Of Organisational Culture On Personnel Performance In Nigeria Civil Service" - JAZZ - Music appreciation concert report - Lest innocent blood be shed sparknotes - Ray bradbury inspiration for fahrenheit 451 - Evidence for evolution powerpoint notes answer key - Comprehensive problem 4 accounting - Nu tool industries inc - The total variable cost of producing 5 units is - Reaction of a metal with hydrochloric acid lab answers - Swannview link for android - Experiment 1 observation of mitosis in a plant cell - Only know you love her when you let her go - Formic acid and sodium formate buffer - Shower drain heat exchanger - Buried in treasures support group - Comar 10.27 09 - 636 w rosewood ave san antonio tx 78212 - Healthcare Informatics and Technology - Gucci target market 2019 - DISCUSSIONS AND REFLECTION - Patricia benner novice to expert theory powerpoint - Biosocial domain examples - Surface area to volume ratio experiment potato - Water refilling station for sale - Mannie fresh the mind of mannie fresh zip - Content writing - Discussion - Mye application form for construction - 1000 word case study due in 5hrs 8:00pm Central Time - Business - Approaches to psychology practice worksheet answers - Social and political history US - HELP - Ati active learning template nursing skill - Accumulator register in 8085 - Agent loki international man of mayhem - Eng Writing Assgn 2 - A company issued 5 year 7 bonds - Roberto acuna talks about farm workers summary - Nichole marie strazinsky cause of death - Kriegspiel game for sale - Disadvantages of system analysis and design - What is a non-linear narrative - Vote in the US ELECTIONS PSC101 DISCUSSION - Domenic maisto wanted in ohio - Management - Who are the johnsons in a raisin in the sun - 6 - White Paper on Strategic Planning for Emerging HIT Competency - Heart rate experiment lab report - 3rai assignment - Comparison table of mitosis and meiosis - Chemistry 101 balancing equations worksheet answers - Romeo and juliet assignment ideas - Http www sumanasinc com webcontent animations content pcr html - Faces in the crowd valeria luiselli pdf - Formulating leadership part ii powerpoint - Journal - Minimum two pages, not including title or reference pages - Crisis communications a casebook approach 5th edition - Ändern Sie langweilige Klingeltöne mit WhatsApp-Klingeltönen für Handys - Lord clarke of hampstead - Phlebotomy tube colors and order of draw - Sermon on the Mount Group Assignment - Cheaters monopoly starting money - Network Implementation - Explorations in conceptual chemistry activity 6a answers - Modern shakespeare romeo and juliet - Human Service Dicussion Questions - A new assignment - Introduction to personality and psychotherapy a theory construction approach - 1st sem movie reflection paper - Tlp logixpro simulator software download - Strengths and weaknesses of disney - Menulog stuck on assigning driver - Commitment a cautionary tale and provide an example - Current Event Article - Shipping forecast fair isle - Cisco nexus 9000 datasheet - Topic 6 insolation and the seasons answers - Compute worley's customer margin for university and memorial - After the success of the company's first two months - Writting 2 - Microeconomics HW - What are the benefits and challenges associated with business 2.0 - Evidence Based Data Used in Clinical Practice - Moody bible distance learning - 3 theories of term structure of interest rates - Fast food nutrition assignment - ?same-day 0833173182 Ixopo ABORTION CLINIC // PILLS in South Africa,,,, - Proof variance of geometric distribution - PC BUILD AND MANUAL PART 1 - In alphabetical order below are balance sheet items - Catapult officer hand signals - Scientific method game walk the plank - Organizational Economics DQ - Dis 4 - Word equation for combustion of hydrogen - Data Accuracy Discussion - Chronicle of Higher Education Assignment - Urgent - 12-16 Hours - The canterbury tales prologue questions and answers