Enterprise Cybersecurity Please answer questions and provide reference for each. Topic 1 -- Computer Forensics A. Explain the role of signature analysis in computer forensics and discuss one of its...

1 answer below »


Enterprise Cybersecurity


Please answer questions and provide reference for each.


Topic 1 -- Computer Forensics

A. Explain the role of signature analysis in computer forensics and discuss one of its corresponding issues.
B. Choose one tool and one technique and discuss how they have proven vital to accurate signature analysis?
C. Discuss one technique that an intruder might undertake to thwart attempts to track his or her activities on the corporate intranet?

Topic 2 -- Digital Evidence

A. Discuss one of the general set of procedures that an enterprise should follow to preserve digital evidence when faced with a suspected insider breach if information security?
B. Discuss the issues this procedure may legally face?

Topic 3 -- Non-repudiation

A. Identify and discuss two mechanisms or capabilities in information systems which provide the non-repudiation security dimension?
B. For each mechanism discuss the security measures for protecting and preserving the non-repudiation data?

Topic 4 -- SOX and GLBA

A. Choose one aspect of either act and describe the requirement.
B. Discuss the benefit to an enterprise, individual or the courts derived from the requirement?
C. Discuss the objections to the requirement that an enterprise, individual or the courts might cite?




Document Preview:

Enterprise Cybersecurity Please answer questions and provide reference for each. Topic 1 -- Computer Forensics A. Explain the role of signature analysis in computer forensics and discuss one of its corresponding issues. B. Choose one tool and one technique and discuss how they have proven vital to accurate signature analysis? C. Discuss one technique that an intruder might undertake to thwart attempts to track his or her activities on the corporate intranet? Topic 2 -- Digital Evidence A. Discuss one of the general set of procedures that an enterprise should follow to preserve digital evidence when faced with a suspected insider breach if information security? B. Discuss the issues this procedure may legally face? Topic 3 -- Non-repudiation A. Identify and discuss two mechanisms or capabilities in information systems which provide the non-repudiation security dimension?   B. For each mechanism discuss the security measures for protecting and preserving the non-repudiation data? Topic 4 -- SOX and GLBA A. Choose one aspect of either act and describe the requirement. B. Discuss the benefit to an enterprise, individual or the courts derived from the requirement?   C. Discuss the objections to the requirement that an enterprise, individual or the courts might cite?



005_wkqoapo-iubnivwx.docx
Answered Same DayDec 23, 2021

Answer To: Enterprise Cybersecurity Please answer questions and provide reference for each. Topic 1 -- Computer...

David answered on Dec 23 2021
123 Votes
Enterprise Cybersecurity

Topic 1 -- Computer Forensics
A. Explain the role of signature analysis in computer forensics and discuss one
of its corresponding issues.
Signature analysis is required to support the computer forensics process and it is used
as part of the main process. In the signature analysis step, the content, the header and
the extension of files are compared with an already verified database of files, headers
and extensions in order to check all files even hidden existing on a storage media. File
signature is the set of header’s information describing the type of the file and the
application creating the file and each file has a unique signature. One of the main issues
is that files can be hidden and a simple search through a disk is not enough to locate
the forensic evidence [1]. Besides, modifying the filename extension is one of the data
hidden techniques that can be used to trick the investigator to believe that the file is of
another format. The main objective of the file signature analysis is to be able to detect
such tricky modifications and once located, a further investigation has to be performed
on such files, narrowing the search space.
B. Choose one tool and one technique and discuss how they have proven vital to
accurate signature analysis?
The file signature analysis is performed using forensic methods and techniques such as
the EnCase application which gives to the user the possibility to check and examine a
disk image and carry out several distinct procedures [2]. Such tools make use of an
extensive list of publicized file signatures and match them with files’ extensions. If a
mismatch is found then the file’s extension has obviously been modified and the file
would warrant a closer examination.
Mainly file Signature Analysis is always used for two main objectives:
1. Spotting file signature and file extension mismatches,
2. File carving which is a process used to identify file headers and footers using
predefined file signatures.
The given process is typically adopted to locate deleted files to be able to analyze them
to perform investigation. However, with millions of files stored on the hard disk and
some of which are system files, such process can be carried out before File Signature
Analysis is carried. This technique is called hash analysis. In practice, hash analysis
works by comparing hashes of files from disk with a list of predefined file hashes. Those
which match can be of two categories, known and notable. The given process is simply
used to automate the task of locating those files which can be ignored e.g. typical
system files and those which can be of evidentiary importance e.g. Internet browser
history files.
C. Discuss one technique that an intruder might...
SOLUTION.PDF
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here
Have files?