Question
You are working as a Digital Forensics Expert for an IT company with 100 employees and 5000 customers. Some of the employees are remotely located and working from home. Customers are also geographically dispersed and can access the services provided by the company via the cloud. The company has email servers, database servers and web servers, which are in house. The company also has external partners and suppliers who need to access company systems from time to time. There was a malware attack on the VM, and files are missing in the cloud virtual machine. The virtual machine snapshot and disk image are saved or need to be created. Network traffic is also captured to check for malware traffic/events. The company asked you to check/create evidence of data theft and malware attack on the machine to protect the company systems and network from various cyber security attacks.

Discuss and explain the following:

a. How should you start the investigation? (8 marks)
b. How can you look for evidence in the disk image? How do you create/analyse the image? (8 marks)
c. How can you analyse the captured traffic? What should you look for in the traffic? (7 marks)
d. What should you propose to find out which other systems are affected by the malware? (7 marks)