Advanced Digital Forensics

1317 Words3 Pages
bulb-icon

Recommended: Security flaws and limitations of microsoft windows

Ria Arora Advanced Digital Forensics Professor Dragos We are being hired as a consultant to help respond to a small medical office in which they learned that 10 of their employees have been victims of identity theft. The office has 55 total employees amongst two office locations. They have one workstation per employee and different kinds of computer operating systems in use. There is a mixture of Windows 7, Vista, and XP operating systems. The servers being used are Windows 2003 and 2008 versions. This is used for the billing system which hasn’t been updated to cloud services. As a consultant, I will try to help the business by looking at how their information was being received by the attacker, to prevent further attacks, and to check …show more content…

The investigators should do research on the different Operating Systems and check what kind of vulnerabilities they can find on it. I was able to find a lot of vulnerabilities with Windows 7 using CVE details. CVE details provides details on all the vulnerabilities available on an operating system and how the attackers will be able to gain access to it. Since the Windows XP and Vista have not been updated, there will be a lot of vulnerabilities on those machines as well. There are many resources and tools online which will help us find specific vulnerabilities in these operating systems. It is possible for someone to gain access to the victims machines through these vulnerabilities. Extracting and translating information in Registry is also very important in incident response. A lot of changes happen in the registry when users download or delete any sort of data. It also keeps date and time for any of those changes. There are a lot of tools which can help with that including RegRipper, Process Monitor, and WRR. These work just as well with machines with an older operating system to extract and understand registry keys and values or monitoring accesses to the Registry on a live system. The tool regslack.exe is very helpful to check if any of the registry keys and values were …show more content…

The four characteristics of a malware being present on the system include initial infection vector which is how the malware got into the system. The second is propagation mechanism which is how the malware moves between the systems, if it does. The third is persistence mechanism which is how the malware remains on the system and survives reboots or when the user logs out. The fourth one is the artifacts which is what traces the malware leaves on the system as a result of its execution. If malware does seem present, we need to find out what data was also being viewed including the identity of the employees. The company needs to make sure no data of the client is being

Show More
Related

  • Nt1330 Unit 6 Lab 1

    825 Words  | 2 Pages

    Auditing is important to Systems Administrators where they can watch accounts’ access and login activities on each computer in the infrastructure. In order to do so, Systems Administrators can do so using the Group Policy Management Console (GPMC). In order to do so, Systems Administrators can enable the auditing option of what they wish to audit. For example, the login auditing option can be enabled in the Group Policy Management Editor (GPME). Moreover, Systems Administrators have many auditable items that they can setup and benefit from in the Active Directory world.

    Read More

  • HIPAA, CIA, and Safeguards

    1633 Words  | 4 Pages

    Whitman, M., & Mattord, H. (2010). Management of information security. (3rd ed., p. 6). Boston, MA: Cengage Learning.

    Read More

  • College Forensics Case Study

    554 Words  | 2 Pages

    The Forensics team stands out as one of the oldest continuous programs on our campus and the only competitive team at Los Angeles City College. As the current director of Forensics I am writing to apply for the Foundations $5,000 mini grant.

    Read More

  • The Collection of Digital Evidence

    761 Words  | 2 Pages

    Computer forensic investigators have the tough job of finding a “binary” smoking gun. In order to do this, the investigator must be trained, qualified and have an “eye” for things that others may not see. The investigator must take into consideration that each computer examination is unique (Solomon 2011). Understanding the hardware, its operating system and other peripheral or network devices make this job that more difficult.

    Read More

  • What Is Identity Theft?

    1631 Words  | 4 Pages

    In order to assist a victim of identity theft there several steps, a Forensic Accountant

    Read More

  • Identity Theft Throughout History

    1355 Words  | 3 Pages

    Identity theft is no new problem in our world. It has occurred for decades and only grows more popular with criminals. Due to our world’s expanding technology, identity theft is becoming easier to commit and harder to detect. Luckily as the criminals technology becomes more advanced, so does out justice system’s technology to help fight the crime. The number of criminals that engage in the fraud and thievery will only grow due to the lucrative nature of the crime, but also will the forces that are established to stop them. This white-collar crime will gain more attention and therefore more laws will be passed to protect the public from becoming victims. With the use of laws, task forces, and the education and awareness of the public, identity theft will be given more attention and focus to hopefully deter future threats from occurring.

    Read More

  • Companies Using IDS To Secure Their Networks

    1672 Words  | 4 Pages

    Organizations are more concerned about computer security, as most information now is stored in databases, and most systems are connected to the Internet. Use of Intrusion Detection Systems (IDS) is one of the factors companies should consider when planning their information security policy. IDS is important to protect sensitive information, to meet laws and regulations and to prevent economic loss, although in some cases IDS implementation is no economically viable. To be able to determine if an implementation of an IDS is necessary some factors must be taken into consideration, such as advantages and disadvantages, economy, laws and regulations.

    Read More

  • End of Window XP

    1344 Words  | 3 Pages

    The most widespread and reigning operating system, Window XP that was released on October 25, 2001 and was considered to be the most outstandingly accepted operating system platform among Consumer and Business Markets is now after April 8, 2014 will be defunct. That means , starting from April 9,2014 Microsoft will no longer provide support, market or any updates, hot fixes, any type of support options like Microsoft Security Essentials or online technical content updates. Also, there can be the scenario when great number of apps and devices don’t even work well with Window XP. Now, this will increase the hacking attacks exponentially on machine that are still continued to use Window XP. This looming sunset will have direct impact on enterprise environments, security locks on doors/buildings, automated teller machines, government computing devices, E-Commerce, military computing devices, retail industry with POS and other application running in that environment and other organizations that deals with Credit Cardholder data and those who are obliged to comply with PCI DSS requirements.

    Read More

  • The Pros And Cons Of Identitytheft

    1756 Words  | 4 Pages

    This shows that identity theft is a growing problem that needs to be addressed (VanderPal). The United States Department of Justice, a branch of the United States government, defines identity theft as “terms used to refer to all types of crime in which someone wrongfully obtains and uses another person's personal data in some way that involves fraud or deception, typically for economic gain.” Identitytheft.info, a website edited by Rob Douglas, an identity theft expert, states, “…every individual or business is vulnerable to attack when it comes to personal or corporate information, products and services.” They also state, “As the methods used to perform identity theft expand, so do the types of accounts and services being stolen by identity thieves” (“Identity Theft Statistics”). As shown above, millions of people are being affected by identity theft in the United States, and it is only

    Read More

  • Identity Theft Informative Speech

    1175 Words  | 3 Pages

    III. Thesis Statement: Identity Theft is rapidly becoming a national issue because anyone of us could be a victim of identity theft. How we protect our self, keep our information private, identify any signs of identity theft, and report and repair our credit is up to each one of us. We have to be vigilant about our protecting ourselves from criminals.

    Read More

  • Cobit Framework

    685 Words  | 2 Pages

    This paper outlines some considerations addressing a number of control objectives that is needed when designing an effective security program. The COBIT framework will be utilized to provide control objectives in IT and “Ensure Systems Security”, that covers many of the areas outlined in this paper. The PCS Security Program will adopt a risk management approach to information security. This requires the identification and mitigation of vulnerabilities and threats that can adversely impact PCS information assets. This Information Security Program Charter serves as the high point document for the PCS Information Security Program.

    Read More

  • Employee Theft

    794 Words  | 2 Pages

    The following memorandum written by a director of a security and safety consulting service discusses a critical issue effecting business in our economy today, that of employee theft. "Our research indicated that, over past six years, no incident of employee theft have been reported within ten of the companies that have been our clients. In analyzing the security practices of these ten companies, we have further learned that each of them requires its employees to wear photo identification badges while at work. In the future, we should recommend the uses of such identification badges to all of our clients." The issue of employee theft is a broad problem and has different labels to identify it, shrinkage for the retail industry and hidden profit loss in the technology sector are serval examples of common terms used for employee theft. The author of this memorandum presents several data points and suggests one recommendation to effect the issue of employee theft based on a sampling of the client population.

    Read More

  • Information Security

    2693 Words  | 6 Pages

    The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad. The following report will provide you guidance about auditing and hardening techniques applied though the 7 Domains by utilizing IT Security Best Practices.

    Read More

  • Operating Systems Essay

    996 Words  | 2 Pages

    Registry Cleaners: Cleaning and optimizing of the windows Registry by removing old registry keys that are no longer in use.

    Read More

  • The Importance Of Computer Forensics

    1810 Words  | 4 Pages

    Computer forensics is the practice of collecting, analysing and reporting on digital data in a way that is legally admissible. It can be used in the uncovering and stoppage of crime and in any disagreement where evidence is stored in numerical form. Computer forensics surveys a parallel process to other forensic corrections, and faces similar matters.

    Read More

More about Advanced Digital Forensics

Open Document