Describe the exact investigative techniques

Reference no: EM131987005

With the identification and preservation of the physical and digital evidence completed, the incident response team must now enter the data collection phase.

During the data collection phase, the investigative team must collect volatile evidence first, and non-volatile second. Describe the volatile and non-volatile evidence types to be collected and the methods to both collect and analyze the two types of evidence.

Describe the live acquisition process used to collect volatile evidence related to system memory and registry changes, and the analysis methods applied to this evidence.

Describe the acquisition process for collecting non-volatile evidence from powered-down systems and devices, and the related analysis methods used on non-volatile evidence.

Describe the exact investigative techniques that you would use to analyze the users' information, habits, and history for each program.

Explain the reasons for your selected techniques.

Remember to address forensic evidence you might find relating to the ransomware attack. You should reference specific directories, files, file types, registry entries, and log files that point to sources of forensic evidence for the incident.

The 16-18 slide PowerPoint presentation should include the following:

Title Slide (1)

Topics of Discussion Slide (1)

Windows 10 Operating System (3 slides)

Registry and Memory (2 slides)

Internet Explorer (3 slides)

Outlook e-mail (2 slides)

Photoshop (2 slides)

Office (3 slides)

References Slide (1)


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd