In: Computer Science
Can you please type, I will rate you well! Thank you!
In this activity, you will be devising a Data Collection plan that describes how information on each asset will be collected.
Develop a Data Collection plan that can be used to perform Data Collection on the different assets in the Action Forensics organization. As you develop this plan you will have to make decisions based on your understanding of how the company works. Do not worry that you are making a wrong decision. For example, you may decide the owner of the 50 TB SAN is the network technician instead of the evidence custodian, or even one or more of the forensic investigators. What is important is that you document your reason for choosing one owner over another.
Based on your understanding of Action Forensics, identify what might be collected in the following areas:
For each item that you identify, decide which of the following specific items should be collected:
Decide which of the following specific items should be collected for an application:
Decide which of the following specific items should be collected for a database:
Remember, the object of this activity is to develop the Data Collection plan, not to actually collect the data. Keep in mind that someone who has never performed Data Collection should be able to follow your plan with a minimum of questions
1.
In listings of enterprise applications, the data that can be collected includes following:
What are the different types of enterprise application, what type of domain these applications use or the way how things works, which application has the most liking and what features makes it so popular. What are the common users of those applications and upto what extent do they use these applications.
For listings of database:
The data can easily be represented in database which gives it a plus point to analyze and collect data easily from the databases. We can collect almost everything that we need if the database has entries for those fields. To calculate sum, average we can easily use commands. We can almost collect any kind of data from databases as long as there is a column for that name. We can also see what kind of databases are present.
Software Inventory:
The data that can be collected from a software inventory is that how it works what devices is it compatible with, with wat logic was it built and if there are any risks or drawbacks in the software, how much is this going to perform in the market and what properties are there in the software, is there anything new or is there some other software just like that or is the software better from it's previous version(if there exists one) or not. It can also give information about various applications used in IT environment, type, size, data and other related data of software installation.
Hardware Inventory:
The data that can be collected from a hardware inventory is that if it is working properly or not, which hardware is most used among various presents, how much old is the hardware, it's model no, manufacturer, storage capacity, system type, installation date, description, provides detail of computer based on their type like laptop, desktop etc. It also let's us know if the hardware is up to date or not.
Technical Design Document:
It is like a design blueprint. The type of data we can get from this, how to deal with some technical problem, product requirements, technical requirements, design, implementations.
2.
Asset Name: Listings of Enterprise Applications
System Name: Software Inventory
Description of the System: Software Inventory
Hostnames or IP Address: Hardware Inventory
Vendor, if any: Hardware Inventory
System Owner: Hardware Inventory
Technical Support Contact: Technical Design Documents
Department that uses the Asset: Listings of Enterprise Applications
Description of Data: Listings of Databases
Classification of Data: Listings of Databases
Number of Records: Listings of Databases
3.
For an application both operating system and database should be collected because in case of an application, before using it is important to know if it is compatible with the OS or not and when the application will run it will collect some data from users, for which there will be a requirement for some storage thing which a database can fulfill properly.
4.
Operating system as well as application supported should be given preference because if an application is collecting data in an unstructured form while the database is of structured data then issues will arise and operating system should also be considered because if the database file format is not supported in the operating system then there can be serious issues that can rise.