Question

In: Computer Science

1. Explain the process used to preserve the verifiable integrity of digital evidence. How does this...

1. Explain the process used to preserve the verifiable integrity of digital evidence. How does this ensure that data is preserved unmodified? How can an analyst show that the original evidence is modified?

2. What are the major principles of risk analysis? List the common steps in developing a risk analysis strategy.

Solutions

Expert Solution

  1. Digital information is of two forms. It could be static, that is, it is stored on physical memories like hard drives, CDs and other memory storage devices. It may be dynamic, meaning it the information may be moving on a certain medium i.e. internet. For example if a file has been shared over groups and other active members, it would be traveling from one to another network or device. In both cases, it is important to preserve its integrity if it is a part of an investigation. In an age where a lot of information is stored in the cloud storage, preserving the integrity of information for investigation purposes has become more challenging and requires an active participation of the companies that are providing these cloud storage facilities.

    To preserve the integrity of information, the first thing that we need is an effective chain of custody. Effective chain of custody ensures that information is dealt with effectively during its collection and analysis phases. The personnel’s who are collecting digital evidence must keep proper documentation that would tell about the health of information at different stages that it is handled. Byte by byte copies of information is also used. This helps in order to recover the whole information if some or all of it is lost or tempered with.

    Investigators can also use specialized software to preserve the integrity of information. This type of software is developed to manage digital forensic information and is operated by experts. This software would keep track of how the information was acquired and how it has been examined to get information for legal proceedings.

  2. Risk analysis is the process of identifying and analyzing potential issues that could negatively impact key business initiatives or projects. This process is done in order to help organizations avoid or mitigate those risks.

Performing a risk analysis includes considering the possibility of adverse events caused by either natural processes, like severe storms, earthquakes or floods, or adverse events caused by malicious or inadvertent human activities. An important part of risk analysis is identifying the potential for harm from these events, as well as the likelihood that they will occur.

  • anticipate and reduce the effect of harmful results from adverse events;
  • evaluate whether the potential risks of a project are balanced by its benefits to aid in the decision process when evaluating whether to move forward with the project;
  • plan responses for technology or equipment failure or loss from adverse events, both natural and human-caused; and
  • identify the impact of and prepare for changes in the enterprise environment, including the likelihood of new competitors entering the market or changes to government regulatory policy.

Steps in risk analysis process

The risk analysis process usually follows these basic steps:

  1. Conduct a risk assessment survey: This first step, getting input from management and department heads, is critical to the risk assessment process. The risk assessment survey is a way to begin documenting specific risks or threats within each department.
  2. Identify the risks: The reason for performing risk assessment is to evaluate an IT system or other aspect of the organization and then ask: What are the risks to the software, hardware, data and IT employees? What are the possible adverse events that could occur, such as human error, fire, flooding or earthquakes? What is the potential that the integrity of the system will be compromised or that it won't be available?
  3. Analyze the risks: Once the risks are identified, the risk analysis process should determine the likelihood that each risk will occur, as well as the consequences linked to each risk and how they might affect the objectives of a project.
  4. Develop a risk management plan: Based on an analysis of which assets are valuable and which threats will probably affect those assets negatively, the risk analysis should produce control recommendations that can be used to mitigate, transfer, accept or avoid the risk.
  5. Implement the risk management plan: The ultimate goal of risk assessment is to implement measures to remove or reduce the risks. Starting with the highest-priority risk, resolve or at least mitigate each risk so it's no longer a threat.
  6. Monitor the risks: The ongoing process of identifying, treating and managing risks should be an important part of any risk analysis process.

Related Solutions

1.What process is used to ensure that evidence is kept secure and it's integrity is maintained...
1.What process is used to ensure that evidence is kept secure and it's integrity is maintained from collection to destruction? 2.Blank image is an exact copy without the addition of any compression or metadata. 3.What is the part of the hard drive that is not easily accessible to the user or the operating system? 4. A firewall log is an example of a computer______ record while a budget spreadsheet is an example of a computer_____record.
What is digital evidence? Explain the types of evidence. What is digital evidence? Explain the types...
What is digital evidence? Explain the types of evidence. What is digital evidence? Explain the types of evidence.
1. Give examples of evidence-based tools used to prevent skin breakdown and maintain integrity, pressure ulcers...
1. Give examples of evidence-based tools used to prevent skin breakdown and maintain integrity, pressure ulcers which can prevent infection?
Explain how a Merkle tree can be used for integrity of individual piece of a large...
Explain how a Merkle tree can be used for integrity of individual piece of a large data and for data retrievability.
Explain what academic integrity is, and explain how you are prepared to meet the academic integrity...
Explain what academic integrity is, and explain how you are prepared to meet the academic integrity standards at your nursing school
Explain how colony color can be used as evidence of the state of the lacZgene in...
Explain how colony color can be used as evidence of the state of the lacZgene in the bacteria
discuss how people used high sugar or high salt to preserve food?
discuss how people used high sugar or high salt to preserve food?
1 Explain at least 3 ways that selection can preserve genetic variation. 2 Explain how selection...
1 Explain at least 3 ways that selection can preserve genetic variation. 2 Explain how selection affects differently: dominant vs recessive traits; homozygotes vs heterozygotes; and when frequency-dependence is a factor. 3 What is the source of genetic variation? How does meiosis contribute to maintenance of genetic diversity? 4Describe the preconditions for natural selection to operate and what the results of natural selection will be. 5 Use the HW equations to solve simple population genetics problems with and without selection....
1. Explain how threads are used by the CPU to process tasks by describing a modern...
1. Explain how threads are used by the CPU to process tasks by describing a modern example, e.g., the multi-core mobile phone that you use every day has an interesting organisation of threads. However, it can be any other modern example of hardware that uses ―threads. 2. There are a number of techniques used by CPU designers to improve the performance of their processors. However, these optimisation strategies do not always work – for some workloads, they may have no...
What unique challenges and opportunities does digital evidence bring to fraud detection and investigation?
What unique challenges and opportunities does digital evidence bring to fraud detection and investigation?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT