

Question

As a security investigator, you have been asked to determine if company confidential information (intellectual property) has been copied from enterprise computers. Investigation centers on a particular computer that has shown a high volume of network traffic at unusual times. In the course of conducting your investigation you discover that large capacity removable media has been attached to the suspect computer. A preview examination reveals that software used for secure deletion had been downloaded to the desktop. Prepare an investigative plan listing the lines of investigation that you plan to pursue.

Explanation / Answer

Answer)

As a security investigator, my job would be to secure the company data and maintain confidentiality. Thus the suspicious activity occurring on a particular computer that has shown a high volume of network traffic at unusual times should be given attention. In addition to this, a large capacity of removable media was used on the suspect computer, and secure deletion software was also used to delete the data that had been downloaded to the desktop. This scenario calls for an investigation, and an investigative plan is necessary.

1. Pull out records, digital or paper, to find out who the computer is allocated to and what it is primarily used for by that person.

2. Find out details of logging in and logging out by the user and which user downloaded the contents at the off-peak hours.

3. Find suitable and efficient software and analyze the data in the suspect computer so as to recover any data that was deleted by the secure deletion software.

4. We must recover the data which was deleted or maybe transferred from the computer and do a forensic investigation on the hard disk of the suspect computer.

5. We should talk to security and monitor CCTV feeds so as to see who was near that computer at that time, or whether somebody might have used somebody else's ID and password to log in and access the details at unusual times.

6. We should arrive at a conclusion only after checking every possible scope and should not jump to any conclusion. We have to analyze what data might have been leaked outside the company.
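The correlation behind steps 2 and 5 can be sketched as a small timeline script. This is an added example, not part of the original answer; the event records, field names, user name and the 08:00 to 18:00 working hours are all constructed assumptions standing in for whatever logon, device and network records the investigation actually collects.

```python
from datetime import datetime, time

# Constructed sample events (not from any real case): (timestamp, source, user, detail)
EVENTS = [
    ("2024-03-04 09:02:11", "logon", "asmith", "interactive"),
    ("2024-03-04 17:31:40", "logoff", "asmith", "interactive"),
    ("2024-03-05 01:47:03", "logon", "asmith", "interactive"),
    ("2024-03-05 01:52:19", "usb_attach", "-", "mass storage, 2 TB"),
    ("2024-03-05 01:58:44", "download", "asmith", "secure-delete tool saved to Desktop"),
    ("2024-03-05 02:10:00", "net_volume", "-", "4.1 GB outbound in 30 min"),
    ("2024-03-05 03:05:27", "logoff", "asmith", "interactive"),
    ("2024-03-05 10:15:00", "usb_attach", "-", "keyboard"),
]
BUSINESS_START, BUSINESS_END = time(8, 0), time(18, 0)  # assumed working hours

def parse(events):
    """Convert timestamps and return the events in chronological order."""
    return sorted((datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), src, user, detail)
                  for ts, src, user, detail in events)

def off_hours(ts):
    """True on weekends or outside the assumed working hours."""
    return ts.weekday() >= 5 or not (BUSINESS_START <= ts.time() < BUSINESS_END)

def sessions(timeline):
    """Pair each logon with the next logoff for the same account."""
    open_sessions, paired = {}, []
    for ts, src, user, _ in timeline:
        if src == "logon":
            open_sessions[user] = ts
        elif src == "logoff" and user in open_sessions:
            paired.append((user, open_sessions.pop(user), ts))
    return paired

def suspicious_sessions(events):
    """Off-hours sessions plus the device/network events that fall inside them."""
    timeline = parse(events)
    findings = []
    for user, start, end in sessions(timeline):
        if not off_hours(start):
            continue
        inside = [(ts, src, detail) for ts, src, _, detail in timeline
                  if start <= ts <= end and src not in ("logon", "logoff")]
        findings.append({"user": user, "start": start, "end": end, "events": inside})
    return findings

if __name__ == "__main__":
    for f in suspicious_sessions(EVENTS):
        print(f"{f['user']}: {f['start']} -> {f['end']}")
        for ts, src, detail in f["events"]:
            print(f"  {ts}  {src:<11} {detail}")
```

The output ties activity to an account, not a person, which is why step 5's CCTV and physical-access check is still needed before attributing the session to the account holder.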
