ITEC 4341 – Final Project

Throughout the semester we have covered a broad range of topics ranging from Criminal
and Civil Law through live network traffic collection and analysis. Digital Forensic Practitioners
specializing in Network Forensics must possess competency in all facets of computing,
networking, and technology systems as a whole, truly making them a “Swiss Army Knife” in the
Information Technology field; however, despite their wide range of knowledge and capabilities,
Network Forensics Practitioners have historically been absent in Cybersecurity Incident
Response Plans.
The National Institute of Standards and Technology (NIST) has published two versions
of their Computer Security Incident Handling Guide over the last decade, a guide intended to be
the blueprint for cybersecurity incident response planning; however, the Computer Security
Incident Handling Guide only uses the word “forensics” four times in the discussion on incident
response planning. In footnote 43, the guide states “Evidence gathering and handling is not
typically performed for every incident that occurs – for example, most malware incidents do not
merit evidence acquisition. In many organizations, digital forensics is not needed for most
incidents” (2012).
NIST’s incident response guide was the product of four cybersecurity professionals, Paul
Cichonski, Tom Millar, Tim Grance, and Karen Scarfone, who at the time of publication, had
experience only in the traditional information technology domain. They were all problem
solvers by experience, and with the exception of Ms. Scarfone who possessed a Master’s degree
in Computer Science, they all held Bachelor’s degrees in Computer Science. Their education
and experience taught them to diagnose, fix, and attempt to mitigate cybersecurity threats, and
thus, none of them possessed an understanding of what Digital Forensics, or specifically a
Network Forensics Practitioner, could provide during the incident response process.
Cichonski, Millar, Grance, and Scarfone had a limited understanding of forensics, one
which is shared by many leaders in the Cybersecurity world today. As a whole, the
cybersecurity community believes forensics is only needed to conduct an investigation and/or
when they suspect legal action, criminal or civil, is likely to arise out of an incident; however,
this line of thinking is flawed for two distinct reasons:

  1. Any incident response is in fact an investigation. Investigating is simply a process of
    problem solving, and when an incident occurs, problem solving methodologies are
    always utilized to discover the cause of the problem and then correct it.
  2. The belief that forensics is only needed when legal action is anticipated. When first
    responding to a cybersecurity incident, it is impossible to know whether the cause of the
    incident is nefarious or benign. Once the process of investigating the issue begins, absent
    actions to preserve the integrity of data, the ability to utilize the data in court is
    diminished. For this reason, all incident responses should be treated as though they are
    criminal actions until proven otherwise.

In order to combat the misinformation which exists pertaining to the role of Digital
Forensics in the Cybersecurity Incident Response Life Cycle, you will write a whitepaper[1] on the
“Role of the Digital Forensic Practitioner in the Cybersecurity Incident Response Life Cycle.”
In this paper, you will be required to present:

  1. The current Cybersecurity Incident Response Life Cycle. You can utilize the
    NIST life cycle, the SANS Lifecycle, or a combination of the two. You cannot create
    your own lifecycle.
  2. The issue(s) created when Digital Forensic Practitioners are not utilized in each step
    of the life cycle. You must address whether or not Digital Forensic Practitioners are
    or are not needed within each step, and what specific value they can add to the
    Cybersecurity Team for each step.
  3. A revised Incident Response Lifecycle, which provides the additional
    responsibilities/capabilities you propose a Digital Forensic Practitioner will add to
    each phase of the cycle. (Note – You do not need to re-list any of the specific
    requirements for each phase of the lifecycle if you listed this information in point 1.)

In order to present the information above, you will need to reference sources we have
used in class and additional outside sources. You should attempt to utilize the best sources
possible, which will come from technical documents and articles, court cases and legal opinions,
as well as academic programs which cover Digital Forensics and Incident Response. A well
written paper will cover both the legal and technical aspects of the need for Digital Forensic
practitioners within or throughout the Cybersecurity Incident Response Life Cycle.

The general structure for this assignment will largely follow the formatting for a
whitepaper outlined on the Purdue University Online Writing Lab website, a link to which is
provided in the footnote below. You WILL NOT be required to include an abstract for this
project. Your final paper will be submitted as one Word Document[2] and MUST INCLUDE the

  1. A Title Page – It will list the title provided above, your name, your course name, number,
    and section (i.e. – Network Forensics: ITEC4341-03), and the date of submission.

[1] A whitepaper is a technical paper which is used to propose a solution to a problem, or to present a specific
position on an issue. These are professional documents that, when written appropriately, can effect change within
a profession. For more information on whitepapers
[2] Other formats will not be accepted. If you submit assignments as a .zip file, PDF, or anything other than a
Word document, they will not be accepted. All students have access to Microsoft Word through their MGA
Accounts.

DUE DATE – 11:59 PM, December 1, 2021

  2. Paper:
    a. An introduction paragraph. As this is a professional paper, it should not be a
    colorful display of your grasp of the nuances of the English language, but instead
    should walk the reader down the road of “this is why you should care and keep
    reading” this paper.
    b. Background Section. Emphasis on the word “section.” This will be a multiple
    paragraph section which explains the background of the issue to the reader,
    specifically what is identified in point 1 of the Assignment section above. This
    section will also include the problem, which is what is identified in point 2 of the
    Assignment section above.
    c. Solution Section: Again, a section with multiple paragraphs which outlines your
    solution to the problem you presented in your background section, and then
    supports your position with relevant references/facts. Your solution must be
    clearly communicated, both in what the solution is and how/why it will mitigate
    the problem you defined.
    d. Conclusion: This will simply be one paragraph which summarizes the paper.
  3. References Page: You will include a “References” page at the end of your paper. This
    should be spaced so as to begin at the top of the page immediately following the end of
    your paper. You will utilize APA formatting[3] for intext citations and to format your
    references page.

Other General Formatting Requirements:

Font: Times New Roman, Size 12

Tense: The paper will be written in past tense, meaning you should not use statements
such as “I think, I believe” etc. Instead, conclusive statements should be made such as “The
inclusion of Digital Forensic data practices is necessary to ensure data integrity in every
incident response.”

Spelling/Grammar: Microsoft Word’s built-in spelling and grammar check is an 80%
solution to common errors; however, it will not replace your proof-reading your work. I
would recommend each of you intend to finish writing at least two days prior to the deadline,
and then give yourself a 24-hour mental break before proof-reading your paper. You will
catch the majority of your mistakes this way.

[3] Purdue Online Writing Labs American Psychological Association format

Grading Rubric:

Your grade will be based on your adherence to the following rubric:

Final Paper Formatting, Structure, and Readability: 15-Points
  - Paper includes all sections (Title Page, Introduction, Summary, Solution,
    Conclusion, and References)
  - Paper is at least 6 complete pages in length (not including Title, References, or
  - Paper is in Times New Roman, Size 12 font and double spaced (1 point)
  - Paper is free of repetitive spelling and grammar errors (3 points)
  - Paper is readable and flows in a logical manner. (7 points)

Summary/Problem: 40-Points
  - Student identifies and summarizes an Incident Response Life Cycle (NIST, SANS, or
    combination of the two). This summary should include an overview of what
    processes occur within each step of the lifecycle.
  - Student explains the current problem(s) created when digital forensics practitioners
    are not utilized in the Incident Response Life Cycle. Specifically addressing
    whether or not an issue exists by not including them in each step of the process.
  - Student addresses both legal and technical implications caused by the problem. (10 points)
  - (+) Student uses Figures to help explain concepts

Solution: 30-Points
  - Student takes a well-defined stance on how to solve the problem(s) identified in the
    Summary/Problem section above. Student must explain how their solution corrects
    or mitigates each issue presented.
  - Student provides a breakdown of how/where Digital Forensics professionals and
    practices should be inserted into the Cybersecurity Incident Response Lifecycle.

Citations and References: 15-Points
  - Student uses a minimum of 10 distinct references to present their paper. Each
    reference can be used more than once; however, the reference only counts one time.
    References must be cited in text and listed on the reference page.
  - Student used properly formatted in-text citations IAW APA Format (5 points)
  - Student properly formatted References Page IAW APA Format (5 points)

Plagiarism: The Turnitin function has been enabled for this assignment. Plagiarism is a serious
violation of the academic standards established by the University and accepted by each student.
Any student who plagiarizes their work will receive a zero for their Final Project grade and will
be reported for academic dishonesty.