Analysis/Design Info Systems Coursework - 825 Words

Analysis/Design Info Systems (Cyber security) (Coursework Sample) Content: Analysis/Design Info Systems (Cyber security)NameProfessorInstitutionCourseDate Cyber security has become a more and more significant requirement for businesses both in local and global arena in the perspective of modern society. We live in a data-centric environment, where Information Technology and related data networks as well as services encompass every element of our lives. This makes the safety of digital hardware and processes in cyberspace of significant importance, regardless of whether it is for personal life experience or a successful and sustainable society. A case in example is JCB Health Company, whose Information Technology system has been compromised. As a result of a suspected system intrusion, JCB Company has sought the services our company ABC Inc. for professional analysis of the companys Information Technology systems. As a lead forensics investigator, I am tasked with the responsibly of establishing if indeed there was an intrusion and subsequent ly provide the necessary recommendations (HaÃÅ'mmerli Sommer, 2007). The problem identifiersI will consider applying the two types of intrusion detection, the host based as well as network based detection .This approach will be guided by the fact that the JCBà ¢Ã¢â€š ¬s database administrators computer has exhibited potential malware infection. Based on the case at hand I will use host based detection to primarily to detect any inside attacks for instance if the database administrator abused her privileges. Additionally I will use network based detection to analyze network packets. This will guide me in establishing and detecting any access attempts and rejection of service trials coming from outside the network. JCB has intrusion detection system (IDS) which has sensors installed across the network, these sensors usually reports network activities to a central command console (Daniel, Daniel In Spielman, 2012). Imaging is more correctly the process of making an exact copy of a drive or partition, however other than creating a bootable drive, the duplicate is held in a data representation of the media or partition which can be reinstated from. The image is the data representation and can be stored on another hard drive as well as in a partition. In order to image the lead database administrators drive perfectly I will use a special tool called DriveImage XML. This software permits both image and clone creation. This software uses a graphical user interface (GUI) to direct the user through the process and it produces an image that can be analyzed in a unique way(Wiles, 2007). Below (Fig 1) is the welcome screen for DriveImage XML.
Figure 1: Source: The softwares Drive to Drive option produces an ideal clone of a hard drive. The reason I will use DriveImage XML is because its backup feature - the implementation of imaging, generates an image that comes with an XML file. The XML file offers the capability to browse the image and remove files from it by use o f the DriveImage XML application (as shown in Fig. 2) or a third-party application with XML reader. The software has the ability to clone as well as image a drive even if it is currently in use.
Figure 2: Source: In its default settings, DriveImage XML creates an image that is split up into 650 MB segments so that the image can be stretched out and be burned into CDs or DVDs which perfect for XYZ Inc.RecommendationsSince JCB Company runs a Microsoft SQL Server 2008 database on Microsoft Windows 2003 Server flat form. It is within this server where patient medical records are stored. I will recommend use the DriveImage XML application to image the servers drives because it supports both workstation and server versions of Microsoft windows. However, because of the huge data stored within various partitions of the hot plug hard drives, imaging the drives will not be as fast as it will be on windows XP workstation. Nevertheless I will recommend following the same procedure but this ti me from one hard disk to the next until I have imaged all the drives. Malware are becoming a memory-resident, meaning it has to be executed first, the first execution, an operation executing the executable file, is only the initial step. Malware in most cases uses other tricks ensure that it is initialized as a minimum of once in each system session. It accomplishes this by inserting links to itself in locations at which the system processes or pre-configures Windows Server 2003. These are locations where it is ... Analysis/Design Info Systems Coursework - 825 Words Analysis/Design Info Systems (Cyber security) (Coursework Sample) Content: Analysis/Design Info Systems (Cyber security)NameProfessorInstitutionCourseDate Cyber security has become a more and more significant requirement for businesses both in local and global arena in the perspective of modern society. We live in a data-centric environment, where Information Technology and related data networks as well as services encompass every element of our lives. This makes the safety of digital hardware and processes in cyberspace of significant importance, regardless of whether it is for personal life experience or a successful and sustainable society. A case in example is JCB Health Company, whose Information Technology system has been compromised. As a result of a suspected system intrusion, JCB Company has sought the services our company ABC Inc. for professional analysis of the companys Information Technology systems. As a lead forensics investigator, I am tasked with the responsibly of establishing if indeed there was an intrusion and subsequent ly provide the necessary recommendations (HaÃÅ'mmerli Sommer, 2007). The problem identifiersI will consider applying the two types of intrusion detection, the host based as well as network based detection .This approach will be guided by the fact that the JCBà ¢Ã¢â€š ¬s database administrators computer has exhibited potential malware infection. Based on the case at hand I will use host based detection to primarily to detect any inside attacks for instance if the database administrator abused her privileges. Additionally I will use network based detection to analyze network packets. This will guide me in establishing and detecting any access attempts and rejection of service trials coming from outside the network. JCB has intrusion detection system (IDS) which has sensors installed across the network, these sensors usually reports network activities to a central command console (Daniel, Daniel In Spielman, 2012). Imaging is more correctly the process of making an exact copy of a drive or partition, however other than creating a bootable drive, the duplicate is held in a data representation of the media or partition which can be reinstated from. The image is the data representation and can be stored on another hard drive as well as in a partition. In order to image the lead database administrators drive perfectly I will use a special tool called DriveImage XML. This software permits both image and clone creation. This software uses a graphical user interface (GUI) to direct the user through the process and it produces an image that can be analyzed in a unique way(Wiles, 2007). Below (Fig 1) is the welcome screen for DriveImage XML.
Figure 1: Source: The softwares Drive to Drive option produces an ideal clone of a hard drive. The reason I will use DriveImage XML is because its backup feature - the implementation of imaging, generates an image that comes with an XML file. The XML file offers the capability to browse the image and remove files from it by use o f the DriveImage XML application (as shown in Fig. 2) or a third-party application with XML reader. The software has the ability to clone as well as image a drive even if it is currently in use.
Figure 2: Source: In its default settings, DriveImage XML creates an image that is split up into 650 MB segments so that the image can be stretched out and be burned into CDs or DVDs which perfect for XYZ Inc.RecommendationsSince JCB Company runs a Microsoft SQL Server 2008 database on Microsoft Windows 2003 Server flat form. It is within this server where patient medical records are stored. I will recommend use the DriveImage XML application to image the servers drives because it supports both workstation and server versions of Microsoft windows. However, because of the huge data stored within various partitions of the hot plug hard drives, imaging the drives will not be as fast as it will be on windows XP workstation. Nevertheless I will recommend following the same procedure but this ti me from one hard disk to the next until I have imaged all the drives. Malware are becoming a memory-resident, meaning it has to be executed first, the first execution, an operation executing the executable file, is only the initial step. Malware in most cases uses other tricks ensure that it is initialized as a minimum of once in each system session. It accomplishes this by inserting links to itself in locations at which the system processes or pre-configures Windows Server 2003. These are locations where it is ...