Saturday, February 15, 2020

Malware Forensic Computing Assignment Example | Topics and Well Written Essays - 2500 words

Computer forensics, or cyber forensics, is a very important topic in information systems and network management. Forensics is the structured procedure of gathering, examining and presenting facts and evidence to a court of law, and thus forensic computing is defined as “the discipline that combines elements of law and computer science to collect and analyze data from computer systems, networks, wireless communications, and storage devices in a way that is admissible as evidence in a court of law” (US-CERT 2008). This involves seeking, locating and securing electronic data so as to provide evidence. This electronic or magnetically encoded data may include text messages, databases, pictures, e-mail, websites, spyware, malware, and so on. The evidence collected is strong and indisputable compared with any other branch of forensic science, because a copy made of the collected data is identical to the actual data and there is no room left for dispute. The whole concept revolves around the idea that a structured investigation is carried out to find out what exactly happened to the computer, when it happened, how it happened, and who did it. This is just like solving a murder case and performing a postmortem. The operator does not know that evidence is transparently being created and stored by the computer’s operating system, and that it can only be extracted through computer forensics software tools and techniques. ... The crimes include misuse of computer systems, attacks on computer systems, using a computer system to work against another system, failure of a computer system, and the list continues. Computer forensics security solutions focus not only on recovery but also on prevention of security threats, in order to provide more secure solutions that are quicker and cheaper than the conventional techniques.
These solutions include intrusion detection systems (IDS), internet security systems, biometric security systems, net privacy systems, firewall set-ups, network disaster security systems, identity theft prevention systems, identity management security systems, and so on (Vacca 2005: 146).

2.2. Malware Forensics

Malware is the malicious code that computer intruders use to carry out a cyber attack, and malware forensics comprises the forensic computing techniques used by investigators to detect and analyze this malicious code (Ligh et al. 2010). Since cyber attackers are becoming increasingly aware of computer forensics techniques, they are designing much more sophisticated malicious code that is at times hard to detect and analyze. Casey, Malin and Aquilina (2008) state that “By employing techniques that thwart reverse engineering, encode and conceal network traffic, and minimize the traces left on file system, malicious code developers are making both discovery and forensic analysis both difficult.”

2.2.1. Types of Malware

The most common instances of malware are viruses, worms, Trojan horses, scareware, and exploits. Viruses get installed in computer files through email scams, websites, downloads, etc. Worms work the same way as viruses. Scareware is a malware that

Sunday, February 2, 2020

Incident Command System Essay Example | Topics and Well Written Essays - 750 words - 1

Common terminology pertains to the use of standard terms during disasters, so that all responding personnel understand one another because they share the same jargon or language describing organizational functions, facilities, resources and position titles (FEMA, n.d). Modular organization is a description of the incident command organizational structure, which is top-down in style. This kind of organizational structure is flexible enough to accommodate the magnitude and difficulty of the disaster. Management by objectives is the development of goals during the operation process that are practical, measurable and achievable; this relies on an incident action plan (IAP) that provides a means of communicating operational and support objectives (FEMA, n.d). Chain of command and unity of command entail reporting to one supervisor or head only, to avoid overlapping orders that may come from various heads or supervisors at different levels. Unified command, on the other hand, allows multiple agencies with different functions to work as a team regardless of respective agency influence and accountability. Manageable span of control sets a limit on the number of personnel a supervisor can handle in an ICS, which is three (3) to seven (7) people only. Predesignated incident locations and facilities are the sites established to house operational and support facilities within the area of the disaster or incident. New locations or sites can be made as needed. Resource management covers the overall resources needed within the disaster vicinity in terms of ordering, tracking and recovery (FEMA, n.d). Information and intelligence management refers to the procedures for the management of information related to the incident. Integrated communications is the process of establishing a standard and interoperable communication system within the ICS.
Transfer of command pertains to the transfer of command responsibilities, which includes a proper briefing on all pertinent information so that the operation can go on efficiently (FEMA, n.d). Accountability means following the standard operating procedures needed within an ICS. This includes reporting to receive assignments based on protocol from the incident commander, followed by adhering to the outlined IAP, where every responder is assigned under one supervisor only, who also accounts for changes in resource status. Last but not least is mobilization, where needed personnel and equipment respond to a disaster site only as needed and directed (FEMA, n.d). As an incident commander for the disaster that occurred in Japan, I will first and foremost set up an appropriate location for the incident command center. Then I will make a preliminary estimate of the number of people and the type of facilities and equipment needed on site. Before any actual operation starts, all responders will be given a list of common words or terms to be used in communications. After that, I will assign all responders to their respective supervisors, with only three people under each supervisor, who will give them their specific duties to perform. As the operation progresses, I will collate all