COM7006 IT Security Management Assignment

Assignment Help Other Subject
Reference no: EM132563277 , Length: word count:5000

COM7006 IT Security Management - Arden University

Assignment Brief

As part of the formal assessment for the programme you are required to submit an IT Security Management assessment. Please refer to your Student Handbook for full details of the programme assessment scheme and general information on preparing and submitting assignments.

Learning Outcome 1. Evaluate the fundamentals theories, models, and ethical practices of security management in an enterprise.

Learning Outcome 2. Critically understand the fundamentals of the security risk management process.

Learning Outcome 3. Analysing existing theories and methodologies in the field of IT Security Management.

Learning Outcome 4. Critically investigate an organization's IT Security Management policy.

Learning Outcome 5. Proposing countermeasures for security attacks.

Learning Outcome 6. Critically apply security detection techniques, auditing, testing, incident management, and recovery plan.

Effective Communication

Communicate effectively both, verbally and in writing, using a range of media widely used in relevant professional context. Be IT, digitally and information literate.

Part 1

Developments in the world have shown how simple it is to acquire all sorts of information through the use of computers. Today, social networking services have become a fundamental element in people's lives, as social networking sites are able to connect people, help them get updates from around the globe, and also make their lives easier by providing other information. This information can be used for a variety of endeavours, and criminal activity is a major one. In an effort to fight this new crime wave, law enforcement agencies, financial institutions, and investment firms are incorporating computer forensics into their infrastructure. From network security breaches to child pornography investigations, the common bridge is the demonstration that the particular electronic media contained the incriminating evidence. Supportive examination procedures and protocols should be in place in order to show that the electronic media contains the incriminating evidence. This part is due in week 9. (2,500 words)

You are a computer forensics consultants/ digital forensics investigator at UK law firm Duncan Lewis Solicitor Company, your responsibilities will include but not limited to:
a) Good Practice Guide for Digital Evidence: Provide professional advice to staff to best practice and procedures for investigating digital and electronic devices.

b) Initial risk assessments ensuring that the devices submitted are safe to be examined.

c) Use forensic software and hardware to capture, retrieve, recover and extract data from mobile phones and portable devices in a forensically sound manner whilst keeping a log of the processes used. Where necessary photograph or video record the steps of the process.

d) Keeping a full log of steps and processes undertaken conduct thorough yet focused digital forensic investigations on computers, and other digital devices including smart phones for all cases.

e) Developing forensic processes, techniques and programmes in line with advancements and changes in technology, ensuring they meet accreditation standards and integrity for court.

f) Provide a scene response to digital investigations from the case strategy through to the investigation into recovered digital media. Provide a complete service from the outset of an investigation to the recovery and production of evidential reports.

g) Prepare detailed statements and case specific reports in a format suitable for intended purpose.

h) Provide expert interpretation of evidence produced.

i) Attend court when required in the capacity of the Digital Forensic Investigator.

Task 1
You have been asked by the company to write a technical report to assist law enforcement agencies and prosecutorial offices including all the above responsibilities.

Task 2

To address the complete investigation process you have to select a series of guides dealing with digital evidence showing proper evidence handling.

The guides in the series will address the followings:

a) Design a research method (case study) that contains information about:

1. The suspect
2. The background and context at which the case has taken place
3. The suspected criminal activities.

b) Tools and techniques used to commit Cyber-Crimes (e.g. Visual disk image), including provide professional guide to staff for how to create activities tracing disk image (i.e. files the suspect may have deleted, overwritten, modified, etc. You can also move files around).

c) Creating a digital evidence forensic: You need to create a discussion thread in iLearn and post
1. The disk image file
2. The meta-data file that contains the hash values etc. of your disk image
3. The case description file

You will also need to send a solution file of this case (i.e. evidences to be found and where supported by some screenshots) to your tutor's email. Do not publish this file to the public discussion forum!

d) Presenting digital evidence in the courtroom: You should completely and accurately report the findings and results for a court of law explaining the suspect's recent activities. Analysing critically your findings, you must support your findings by some screenshots.

Provide annotated screenshots along with an executive summary of the findings and a conclusion.

Part 2

The main goal of designing secure networks is to manage the risks as effectively as possible, rather than eliminating all the threats. Recently, UK law firm Duncan Lewis alerted regulatory bodies and the National Crime Agency Action Fraud team that a data breach occurred in their firm. According to a report in the Law Society Gazette, hackers infiltrated the IT system of the national firm to harvest data before attempting to spread data through social media. Duncan Lewis urged people not to open any links to Twitter accounts that may contain sensitive information as it worked to contain the data breach. To protect their clients, the firm secured a High Court Injunction preventing the use, publication, communication or disclosure to any other person of any information obtained from Duncan Lewis' IT systems. Hacking is proving a major headache for law firms and other professional services. The Solicitors Regulation Authority, which receives around 40 reports of confidentiality breaches each month, stresses the importance of running the latest versions of software, in particular, browsers and operating systems, and to keep them up to date.

You have been asked by Corporate Law Solicitor Company to build a secure network for a company to prevent hackers from targeting your law firm. The budget, however, needs to be justified. Thus, you will need to design the layout of users, domains, trusted domains, anonymous users etc. This part is due in week 12. (2,500 words)

1. Propose the network topology for various servers and the assumed location for trusted domains such as the location of your firewalls and Intrusion Detection Systems (IDS).

2. List the common security assumptions in your design that lead to data theft and financial loss

3. Propose FIVE methods for authentication can be used in your design and justify your design choices.

4. Discus how secure File Transfer Protocol (FTP) services protect sensitive data from hackers in network and suggest a mechanism to exchange files securely between users in your design network.

5. The evolution of the Internet has increased the need for security systems. An important security product that has emerged is (IDS). What are the main functions of a network IDS, and where to place it in you design?

6. Investigate the potential security issues in your own design. In other words, criticise your own design listing down the possible vulnerabilities it may have.

7. Explain how you would measure the ROI on security for your system. You should give examples for both tangible and intangible assets.

8. In tips, explain how you could maintain the security to protect your mobile device if the device is infected with malware, it may lead to hidden use of premium services, or leaking sensitive information.

9. How do you encrypt your data (e.g. emails, your files in the cloud and messages) against unwelcome parties?

Attachment:- IT Security Management.rar

Reference no: EM132563277

Questions Cloud

Provide efficient services to students : Duly align with its mission and to provide efficient services to students, BU has planned to provide blended educational services
Discuss benefits of virtualization software : Discuss the benefits of virtualization software, as described in the text. Do you agree/disagree with these benefits, or can you think of additional benefits
Prepare bank reconciliation and related entries : Prepare bank reconciliation and related entries. The September 30 deposit of $985 was included on the October bank statement
Explain windows azure capabilities for virtual machines : Explain Windows Azure capabilities for virtual machines and managing a hybrid cloud, including Windows Azure's Internet as a Service and storage capabilities.
COM7006 IT Security Management Assignment : COM7006 IT Security Management Assignment Help and Solution, Arden University - Assessment Writing Service - Critically understand the fundamentals
Prepare the entries for Todd Company : Required - Prepare the entries for Todd Company for the purchase of the stock, share of McGuire income, and dividends received from McGuire
Build good and beneficial relationships : You mention to one of your neighbours that you have studied how to build good and beneficial relationships using some simple methods
Discuss benefits of virtualization software : Discuss the benefits of virtualization software, as described in the text. Do you agree/disagree with these benefits, or can you think of additional benefits
Make the journal entries for the original purchase : Required - Make the journal entries for the original purchase, dividend, and sale. If an amount box does not require an entry, leave it blank

Reviews

Write a Review

Other Subject Questions & Answers

  PCN605 Psychopathology and Counseling Question

PCN605 Psychopathology and Counseling assignment help and solutions, Grand Canyon University, assessment help - What information do you gather from the data.

  Section of the bhagavad-gita

Read Novak's section of the Bhagavad-gita. What is bhakti? Select two short stanzas in the Bhagavad-gita, which illustrates the notion of bhakti and discuss their meaning.

  Small refracting spyglass telescope

A small refracting spyglass telescope has an objective lens with a diameter of 2 inches. The worlds largest refracting telescope at yerkes obseivrvatory has an objective lens with a diameter of 40 inches. Assuming that all light striking the objectiv..

  Responsible for social change

Karl Marx believed that __________ was the central force for social change while Max Weber believed that __________ was the force most responsible for social change.

  Describe ways that nike could use at least two change

Describe ways that Nike could use at least two change techniques described

  Examine the relationship between drugs and crime

Examine the relationship between drugs and crime. What methods or steps can we take for prevention

  Description and explanation of the type of business entity

Description and explanation of the type of business entity that is best for your business. explanation of how the proposed business would bring glory to God.

  How much bigger or smaller would fedex operations need

How much bigger or smaller would Fedex's operations need to be to serve the local markets of Miami and Surrey? How did you arrive at your estimate

  Productive potential of an individual''s knowledge and skills

The productive potential of an individual's knowledge, skills, and experiences is known as

  What does it take to be a good leader or manager

What does it take to be a "good" leader or manager - What are the primary barriers and challenges associated with health care leadership?

  Examine eligibility requirements for medicaid

Examine at least two (2) eligibility requirements for Medicaid. Debate the extent to which you agree with the fairness of these requirements.

  Warrens defenses to carter''s claim

Carter was hired as a disc jockey by Warren, when he was aged 54. Two years later, during economic hard times for Warren's business, Carter is laid off by Warren. Carter brings a claim of age discrimination against Warren. · Discuss what Carter must ..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd