cis438 wk 9 discussion questions
*** THESE ARE SHORT ANWSERS NOT ESSAYS*** Please in clude refrances for eack question
Question ONE:
- Your organization has recently established a risk assessment team and an incident response team. They have recently defined their risk assessment and incident response processes. The first team meeting is this week and you want to ensure that you convey the importance of the teams to each team member.
- Develop your introductory remarks to the teams, including five main points of risk assessment and five main points of incident response that you want to emphasize.
- Decide what you will say to the team to attempt to avoid conflicts of interest.
- From the e-Activity, identify the beneficial information, provided by US-CERT, in the development of a risk assessment team or an incident response team.
Question TWO:
- Organizations typically use both quantitative and qualitative risk analysis techniques when analyzing the risk to the organization and determining the appropriate counter-measures.
- Compare and contrast quantitative and qualitative risk analysis.
- Describe a situation when a qualitative risk analysis method is most appropriate, and describe a situation when a quantitative risk analysis method is most appropriate.
E-Activity:
- The United States Computer Emergency Readiness Team (US-CERT) provides information, guidance, and alerts for protecting your computer systems. Review the security publications, located at http://www.us-cert.gov/security-publications/, and be prepared to discuss.
Question THREE:
- The computer forensics investigative process includes five steps: Identification, Preservation, Collection, Examination, and Presentation.
- Describe the most important aspect of each step.
- Decide which step you believe is most challenging as a whole, and describe why.
- Describe the importance of forensics examinations in legal proceedings and what investigators can do during each step to avoid potential problems during legal proceedings.
Question FOUR:
- From the e-Activity, describe the capabilities and functions of the computer forensics tool you downloaded and explain where the tool is most beneficial in the investigation process.
- Describe the considerations that organizations and investigators must take into account when determining the appropriate tools to use, while knowing that the tool will be used to support legal proceedings.
E-Activity:
- There are many computer forensics tools available on the Internet and many of them are available free of charge or available on a trial basis to become familiar with the tool. Search on the Internet for “Computer Forensics Tools†and download the one of your choice. Be prepared to discuss the functionality of the tool.