- ATHE Level 6 Unit 2: Assesses the impact of leadership and management skills and behaviours : Personal Leadership and Management Development Assignment, UK
- QUALIFI Level 5 Part 02 Unit 9500: A pilot Research Project is the small scale research project that is intended to highlight the pros: Research Project, UK
- QUALIFI Level 5 Part 01 Unit 9500: Research Project, UK Professional Development Academy
- You are to prepare a discussion paper aimed at the group of middle managers in your organisation : Personal Leadership and development, Assignment, UK
- Critically analyse the environment facing YourOrg, and identify the central issues confronting YourOrg resulting : Strategic Management Assignment , CMU, UK
- Unit 15: This assignment requires you to analyse, design, develop, and evaluate an Internet of Things (IoT) application: Transport Network Design (L5), Assignment BTEC, UK
- Clearly differentiate the terms organisational mission, vision and strategy: Strategic Leadership And Management In Context, Assignment, UK
- ATHE Level 7 : Understand the importance of financial data in formulating and delivering business strategy : Finance for Strategic Managers, Assignment UK
- CMI Unit 703 : Collaboration and partnerships can turn ideas into reality, enhancing opportunities for innovation and creativity, research and development : Collaboration and Partnerships, Assignment, UK
- 7OS01- Explain how the Employment Tribunal, the County Court, The Health and Safety Executive and the Information Commissioner : Advanced employment law in practice, Assignment, UK
- ILM 308 – Describe the factors that will influence the choice of leadership styles or behaviours in workplace situations: Understanding Leadership Level 3 Assignment , UK
- Level 5 CMI Unit 526 – Mark Sheet: Principles of Leadership Practice, UK
- Level 5 CMI Unit 526 : Understanding of ethical leadership and the impact of culture and values on leadership- Principles of Leadership Practice, Assignment, UK
- CMI Unit 501: Examine the impact of legal status on the governance of an organisation- Principles Of Management And Leadership In An Organisational Context Level 5 Assignment, UK
- ILM Level 5 Effective Communication Skills, Assignment , UK
- ILM Level 3 – Describe the factors that will influence the choice of leadership styles or behaviours in workplace situations Referral : Understanding Leadership styles, Assignment, UK
- CMI Unit 502 Understand approaches to developing, managing, and leading teams: Principles of Developing, Managing and Leading Individuals and Teams to Achieve Success, Assignment, UK
- R033 Supporting individuals through life events, Set Assignment, OCR, UK
- Working in partnership in health and social care, Assignment, UK
- CMI Unit 5034 Problem solving tools and techniques for consultants, Assignment, UK
Describe and critically analyze the approach you will take from a technical perspective to develop an understanding of what has happened: Digital forensic Assignment MUL, UK
| University | Middlesex University London (MUL) |
| Subject | Digital forensic |
Learning Outcomes Assessed
LO1: Discuss the need for and uses of Digital Forensics
LO2: Critically evaluate and implement Digital Forensics techniques
LO3: Analyse malware and perform intrusion analysis
Task 1:You need to act swiftly to preserve as much evidence as you need to uncover what is going on. TDS is not expecting any downtime at the moment. Describe and critically analyze the approach you will take from a technical perspective to develop an understanding of what has happened. Task 1 is purposely vague because we are allowing you a wide scope to develop your own critical thinking in your approach, but there are some hints below of what you might want to consider. Notice that the organization has Active Directory installed. Are the client Pcs joined to the domain? Are the logs saved locally or remotely? What is the benefit of both? At the moment you’re looking at a breach that has been initially noticed from the following Operating Systems: – Windows 7 PC – Windows Server 2019 server. So for all of these tasks you should be describing your approach, and critically analyzing your approach.
What will you request access to, and how will you use that data or information provided?
Do You Need Assignment of This Question
You would want access to the 2 computers for sure, but would you need to check out the other computers? Why so? What could have happened to them? What is this data you will need access to? Do you need to know what websites staff have been visiting? Do you need to check their emails? Who do you talk to to get this? Are you in a legal position to have access to this data?
Consider multiple possibilities without coming to early conclusions. Establish some sort of process and express it possibly with the help of a diagram, flow chart, or other. So here you might want to consider the 8 steps of forensics analysis we talked about in Week 2. Is there another framework you might consider? You should purposely consider a wide range of options that might have happened. Did this come in through a social engineering attempt? An attack on the computer from outside? Server 2019 is new but Win7 is quite old. More options for an attack there. Identify any tools you may use, including built-in tools. So think about what tools you could use at this point, would you go looking for indicators of compromise in the logs in event viewer? Eg. Known malicious Ip addresses, malware hashes? What are some of the event IDs you could look for? Would you use third-party tools? Is there a cost to them? A pros and cons list of different tools and options would be good to see in a table. Remark upon the impact on the business of the approach(es) you decide to take. What action will running these tools have? Will it affect the integrity of the machine? Will we lose or tamper with existing files/logs by doing anything here that could hinder our efforts later on? Again the format of this is quite open to you to choose how to go about answering this. I would advise you to consider these options, but make sure you do it yourself. More marks will be awarded for critical thinking.
Task 2
CDFnS Makes Progress Following Task 1, you find out that: Some logs have been deleted on the Server (the security logs that are normally viewable in Event Viewer). Thousands of logon attempts were made from the Windows 7 client to the Windows Server before successfully getting access to the admin account. These attempts were made from the client machine on the same evening that it was also downloading files from the file server under the user’s account, with access to a limited number of files. Some logs have been deleted on the Windows 7 client. Once the attacker had gained access to the Server admin account, he could access any files on the file server, and more confidential files were accessed. Neither the Windows 7 client nor the Windows Server 2019 have been rebooted since the event. You propose to take a memory dump and copy of the hard disks for each machine. TDS would like to get to the bottom of this, and accepts, even if they have to take the server offline overnight (for not more than 12 hours). So you’re proposing disk dumps and memory dumps of both the win7 and server 2019 machine now. Your process should take no longer than 12 hours. Getting this done in less than 12 hours all depends on your method of interrogating these dumps.
Buy Answer of This Assessment & Raise Your Grades
Explain the benefit of taking memory and disk copies of both machines. For each, what can you expect to determine? What can you find in the RAM dump that you can’t find in the disk dump? And vice versa. What do you get from a disk dump you cannot get from analyzing logs?
For either the Windows 7 client or the Windows Server 2019: Describe briefly the process of taking a memory copy and a disk copy, minimizing impact. For both memory and disk images, describe and critically analyze the approach you would take from a technical perspective to develop a further understanding of what has happened. Identify any tools you may use, and the use of those tools. Consider the precaution is taken and the reason for those cautions. This is all quite self-explanatory. So for the server 2019 OR Win7 OS (you need to specify), you need to talk about software/hardware tools that you could use to take a disk dump and a memory dump for each of them. Show the process of this in screenshots for more marks. You should make sure you reference your screenshots with your J number if it was your own screenshot. Else add a reference to the author of the screenshot. The tools that you use, are they free or paid? What are the pros and cons of each?
Are You Looking for Answer of This Assignment or Essay
Achieve academic excellence with our top-tier assignment help UK and Essay Writing Service UK! If you’re a student at Middlesex University London (MUL) pursuing the subject of Digital Forensics, we’re here to support your academic journey. When tackling the Digital Forensic Assignment that requires a critical analysis of your technical approach, our expert team is here to guide you through. Don’t let coursework challenges hold you back; pay our experts to help you excel in your studies at MUL, UK.
Answer
