Question


A new start-up SME (small-medium enterprise) based in Melbourne with an e-government model has recently begun to notice anomalies in its accounting and product records. It has undertaken an initial check of system log files, and there are many suspicious entries and IP addresses with a large amount of data being sent outside the company firewall. They have also recently received a number of customer complaints saying that there is often a strange message displayed during order processing, and they are often redirected to a payment page that does not look legitimate.

Address the following questions while preparing your report as a digital forensics investigator.

a) Discuss a general overview of the methodology that you will use, and provide a reasoned argument as to why the particular method chosen is relevant. [5 Marks]

b) How should you proceed if your network forensic investigation involves other companies? [5 Marks]

c) Explore the techniques and tools that can be used in this situation. [5 Marks]

d) Describe significant challenges with network forensics in this network, including forensic acquisition and evidence preservation. [5 Marks]

e) Identify and explain three types of log files you should examine after a network intrusion.

Solutions

Expert Solution

Sol:

a)

When we look in depth at the case, we can understand that the server is at risk. The log files indicate that many unknown entries have come in and sent data outside the firewall. Also, the bug redirecting the company payment page to another fraudulent page is the same as a phishing attack.

The main methodology that I would prefer is to undertake a detailed analysis of the entire system. The server may be corrupted, and we need to understand the cause of it as soon as possible to go further. Since the firewall was also broken, the severity is higher. An advanced scanning and checking of the firewall is needed. Until the problem is resolved, we need to shut down the payment portal.

b)

When we proceed with our network forensic method, there is a chance of involving other companies. In that case, acquire all available data and preserve it. If possible, contact the other company and discuss the intrusion that happened to them. In crucial cases, we can go forward with agencies.

c)

We can use some techniques and tools for gathering data and understanding how it works. Let's look at some of them:

* Analyse all the available data.

* Keep track of all available IP addresses.

* Make use of the tool Wireshark for analysing network packets.

* Identifying the exact problem is very important in network forensics.

d)

Challenges:

* Since so much payload came in, IP tracking is difficult.

* The attacker may mask the IP address.

* If the attacker encrypted his network, it is difficult for network forensics to identify.

* Reinstalling the firewall is needed as soon as possible.
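
An added example, not part of the original answer: one way to turn "keep track of all available IP addresses" into a repeatable check for the scenario's large outbound transfers. It hashes the preserved log copy before analysis, then totals allowed bytes per internal-source and external-destination pair. The log format, the `10.0.0.0/8` internal range, the 100 MB threshold, the sample lines and all function names are assumptions made for illustration.

```python
import hashlib
import ipaddress
from collections import defaultdict

# Constructed sample lines in an assumed firewall log format:
# timestamp action src_ip dst_ip dst_port bytes_sent
SAMPLE_LOG = """\
2024-03-01T02:14:07Z ALLOW 10.0.0.15 203.0.113.50 443 48000000
2024-03-01T02:15:10Z ALLOW 10.0.0.15 203.0.113.50 443 52000000
2024-03-01T09:01:33Z ALLOW 10.0.0.22 198.51.100.7 443 120000
2024-03-01T09:02:00Z ALLOW 10.0.0.22 10.0.0.5 5432 900000000
2024-03-01T09:05:41Z DENY 10.0.0.30 192.0.2.99 25 0
malformed line that a real log will eventually contain
2024-03-01T23:40:12Z ALLOW 10.0.0.15 203.0.113.50 443 61000000
"""
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # assumed internal range

def evidence_digest(raw: bytes) -> str:
    """SHA-256 of the untouched log copy, recorded before analysis."""
    return hashlib.sha256(raw).hexdigest()

def outbound_totals(log_text: str):
    """Sum allowed bytes per (internal source, external destination)."""
    totals, first_seen, skipped = defaultdict(int), {}, []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        try:
            ts, action, src, dst, _port, nbytes = line.split()
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            nbytes = int(nbytes)
        except ValueError:
            skipped.append(lineno)  # record unparsed lines, never drop silently
            continue
        if action != "ALLOW" or src_ip not in INTERNAL_NET or dst_ip in INTERNAL_NET:
            continue  # blocked or internal-only traffic is not exfiltration volume
        totals[(src, dst)] += nbytes
        first_seen.setdefault((src, dst), ts)
    return dict(totals), first_seen, skipped

def flag_large_transfers(totals, threshold_bytes=100_000_000):
    """Pairs whose total outbound volume meets the assumed threshold."""
    return sorted(pair for pair, n in totals.items() if n >= threshold_bytes)

if __name__ == "__main__":
    print("sha256:", evidence_digest(SAMPLE_LOG.encode()))
    totals, first_seen, skipped = outbound_totals(SAMPLE_LOG)
    for pair in flag_large_transfers(totals):
        print(pair, totals[pair], "first seen", first_seen[pair])
    print("unparsed lines:", skipped)
```

Recording the digest at acquisition time lets a later reviewer confirm the analysed copy matches the preserved one, and the list of unparsed line numbers shows which entries the totals do not cover.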

