Scribd Logo
Upload

Welcome to Scribd!

  • D431 Task 1 Steps To Success

    Uploaded by

    Allyson N Lettie
    35 views2 pages
    WGU D431 TASK 1

    Original Title

    D431 TASK 1 STEPS TO SUCCESS[49]

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    WGU D431 TASK 1

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    35 views2 pages

    D431 Task 1 Steps To Success

    Uploaded by

    Allyson N Lettie
    WGU D431 TASK 1

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    STEPS TO SUCCESS DOCUMENT

    C840 TASK 1

    A. Create an investigative plan of action based on forensic best practices or


    standards that your team will implement by doing the following:

    A1: Strategy- Discuss the strategy that your team will use to both maximize the
    collection of evidence and minimize the impact on the organization.

    STEP 1. How will I prepare the investigation team? Will you brief the group on who, what,
    when, where, and why? What is the goal?

    STEP 2. How do we acquire the data? Secure the scene? Remove all unnecessary
    personnel? Use of a write blocker? Data extraction tool?

    Should we execute a memory acquisition on the host machine to ensure volatile data
    (evidence) is preserved? What about Making a disk image of the device with hash values?
    What tools are we using?

    A2: Tools and Techniques- Describe the tools and techniques your team will use in
    evidence gathering, preparation, and analysis.

    Which forensics tools will you use? FTK? Encase?

    A3: Collection and Preservation of Evidence- Describe how your team will collect and
    preserve required evidence, using standardized and accepted procedures.

    Have you addressed chain of custody? How will the data be housed?

    https://access.wgu.edu/ASP3/aap/content/seizing_electronic_evidence.pdf
    https://access.wgu.edu/ASP3/aap/content/c840_forensics_frameworks.pdf

    A4: Examination of Evidence- Describe how your team will examine the seized evidence
    to determine which items are related to the suspected violation of company policy.

    What best practice or procedures will you use? What indicators have you received in the course
    scenario that you should be looking for immediately!

    A5: Approach to Drawing Conclusions- Discuss an approach that your team will use to
    draw conclusions based on the digital evidence that supports the claim of a policy
    violation.

    Will the investigation be conducted in accordance with company policy? Will any data be
    altered? Will the conclusion be based on sound evidence?
    A6: Presentation of Details and Conclusions- Discuss how the case details and
    conclusions should be presented to senior management.

    Will the brief to senior management be highly technical in nature? Will it detail every part of the
    analysis process? Will it be done via power point, etc?

    Note:
    TASK 1 average size is 4-6 pages. Include in-text citations for references.

    THIS STEPS TO SUCCESS DOCUMENT IS DESIGNED TO HELP STUDENTS GAIN THE


    NECESSARY COMPETENCY TO COMPLETE TASK ONE. HOWEVER, IT IS NOT THE DO
    ALL TELL ALL. STUDENTS NEED TO ENGAGE THE PACING GUIDE AND PLANNING
    RESOURCES TO ENSURE PROFICIENCY.

    You might also like