For more course tutorials visit www.newtonhelp.com Assignment 1: Professional Forensics Basics Due Week 3 and worth 50 points Suppose you are the CISO at a large company and are trying to convince the Board of Directors that there is a business need for a system forensics department and lab, and substantial funding is needed.

1. CIS 562 Week 3 Assignment 1 Professional Forensics Basics
For more course tutorials visit
www.newtonhelp.com
Assignment 1: Professional Forensics Basics
Due Week 3 and worth 50 points
Suppose you are the CISO at a large company and are trying to convince
the Board of Directors that there is a business need for a system
forensics department and lab, and substantial funding is needed.
Write a four to five (4-5) page paper in which you:
Develop a compelling argument that you would present to the Board,
making a case for creating a system forensics department and building a
functional lab.

2. Describe the difference between corporate investigations and law
enforcement investigations and determine why corporate investigations
are an integral part of an information security program.
Explain the importance of employing dedicated system forensics
specialists who are familiar with multiple computing platforms and the
negative affect the lack of familiarization can have on an investigation.
Compare and contrast public laws and company policy in terms of
computer forensics and identify the role each plays in an investigation.
Analyze the importance of using forensic specialists and professional
conduct in an investigation and the affect this has in a court case and / or
corporation investigation.
Use at least three (3) quality resources in this assignment.Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:

3. The specific course learning outcomes associated with this assignment
are:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor
for any additional instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required assignment
page length.
Identify the computer forensics investigation process.
Outline system forensics issues, laws, and skills.

4. Use technology and information resources to research advanced issues in
computer forensics.
Write clearly and concisely about topics related to computer forensics
planning using proper writing mechanics and technical style
conventions.
----------------------------------------------------
CIS 562 Week 8 Case Study 3 Analyzing Stuxnet
For more course tutorials visit
www.newtonhelp.com
Case Study 3: Analyzing Stuxnet
Due Week 8 and worth 60 points
Read the article titled, “How Digital Detectives Deciphered Stuxnet, the
Most Menacing Malware in History” located at the Wired link below:

5. http://www.wired.com/threatlevel/2011/07/how-digital-detectives-
deciphered-stuxnet/all/1
Write a three to four (3-4) page paper in which you:
Explain the forensic technique Symantec researchers employed in order
to receive the traffic sent by Stuxnet-infected computers and describe
what their analysis uncovered.
Identify what researchers were surprised to discover with Stuxnet’s
malicious DLL file. Assess this significant function of malware and
what potential dangers it could present in the future.
Determine the primary reason that critical infrastructures are open to
attacks which did not seem possible just a couple of decades earlier.
Decide whether or not an appropriate case has been made in which
Stuxnet was indeed a targeted attack on an Iranian nuclear facility, based
on the evidence and conclusions of the researchers. Provide your
rationale with your response.

6. Use at least two (2) quality resources in this assignment other than the
article linked above. Note: Wikipedia and similar Websites do not
qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required assignment
page length.
The specific course learning outcomes associated with this assignment
are:
Outline system forensics issues, laws, and skills.

7. Analyze and describe the process of reviewing network logs for analysis.
Use technology and information resources to research advanced issues in
computer forensics.
----------------------------------------------------
CIS 562 Week 9 Assignment 4 Email Harassmen
For more course tutorials visit
www.newtonhelp.com
Assignment 4: Email Harassment
Due Week 9 and worth 50 points
Suppose you are an internal investigator for a large software
development company. The Human Resources Department has
requested you investigate the accusations that one employee has been
harassing another over both the corporate Exchange email system and
Internet-based Yahoo! email.

8. Write a four to five (4-5) page paper in which you:
Create an outline of the steps you would take in examining the email
accusations that have been identified.
Describe the information that can be discovered in email headers and
determine how this information could potentially be used as evidence in
the investigation.
Analyze differences between forensic analysis on the corporate
Exchange system and the Internet-based Yahoo! System. Use this
analysis to determine the challenges that exist for an investigator when
analyzing email sent from an Internet-based email system outside of the
corporate network.
Select one (1) software-based forensic tool for email analysis that you
would utilize in this investigation. Describe its use, features, and how it
would assist in this scenario.
Use at least three (3) quality resources in this assignment.Note:
Wikipedia and similar Websites do not qualify as quality resources.

9. Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must
Assignment 4: Email Harassment
Due Week 9 and worth 50 points
Suppose you are an internal investigator for a large software
development company. The Human Resources Department has
requested you investigate the accusations that one employee has been
harassing another over both the corporate Exchange email system and
Internet-based Yahoo! email.
Write a four to five (4-5) page paper in which you:

10. Create an outline of the steps you would take in examining the email
accusations that have been identified.
Describe the information that can be discovered in email headers and
determine how this information could potentially be used as evidence in
the investigation.
Analyze differences between forensic analysis on the corporate
Exchange system and the Internet-based Yahoo! System. Use this
analysis to determine the challenges that exist for an investigator when
analyzing email sent from an Internet-based email system outside of the
corporate network.
Select one (1) software-based forensic tool for email analysis that you
would utilize in this investigation. Describe its use, features, and how it
would assist in this scenario.
Use at least three (3) quality resources in this assignment.Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:

11. The specific course learning outcomes associated with this assignment
are:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must
follow APA or school-specific format. Check with your professor for
any additional instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required assignment
page length.
Describe and analyze practices in obtaining digital evidence.
Demonstrate the ability to develop procedural techniques in crime and
incident scenes.
Describe processes in recovering graphic, mobile and email files.

12. Use technology and information resources to research advanced issues in
computer forensics.
Write clearly and concisely about topics related to computer forensics
planning using proper writing mechanics and technical style
conventions.
----------------------------------------------------
CIS 562 Week 10 Term Paper Corporate Embezzlement
For more course tutorials visit
www.newtonhelp.com
Term Paper: Corporate Embezzlement
Due Week 10 and worth 200 points
Imagine you are employed by a large city police department as the
leader of the digital forensics division. A large corporation in the city
has contacted the police for assistance in investigating its concerns that

13. the company Chief Financial Officer (CFO) has been using company
money to fund personal travel, gifts, and other expenses. As per the
company security director, potential evidence collected thus far includes
emails, bank statements, cancelled checks, a laptop, and a mobile device.
Write an eight to ten (8-10) page plan report in which you:
Explain the processes you would use to seize, search, collect, store, and
transport devices and other potential sources of evidence.
Indicate the personnel resources needed for the investigation and assess
why you believe this amount of resources is warranted.
List the initial questions you would have for the security director
regarding the company’s email environment and explain the tasks you
would consider performing for this portion of the investigation.
Create an outline of the steps you would take to ensure that if a trial
were brought against the CFO, the evidence collected would be
admissible in the court of law.

14. Determine the potential evidence (including logs, devices, etc.) you
would request from the company security director based on what she has
identified and identify the other data sources you might consider
reviewing.
Explicate the tools you would use for this investigation based on the
potential evidence the company security director has already identified,
as well as any other potential sources of evidence you might review.
Describe the procedure and tool(s) you would consider utilizing for
acquiring potential evidence from the CFO’s mobile device.
Use at least five (5) quality resources in this assignment.Note: Wikipedia
and similar Websites do not qualify as quality resources.
------------------------------------------------------------------------------------------------