Volatility & Wireshark assignment

May 5, 2020

Your answers for each question (questions 1-3) must include a response of no less than 400 words. You may use headings, paragraphs, bullet lists, etc.  No citations are required unless you use (or should use) a direct quote from a source. If you do so, do not count the words quoted in your word count.

 

So, what I’ve done over the semester was analyze specific data (I can’t upload the file because it’s over 40GB) that relates to a ransomware attack.

 

Question 1 (400 words) – Pick From the following list of data types:

  • Memory captures (Memory Forensics)

Discussion points:

  • Explain the “Tools” that you would use to examine this kind of data. Volatility
  • Explain the initial, basic findings you might discover and report on about data of this type.
  • Explain the types of “Findings” that you would expect to locate in this kind of data.
  • Describe the temporal nature of this data type. For example, if this item is “discrete”, single timeframe, explain how you might interpret what you might find. Compare that to data that occurs over a longer period of time.

For question 1, I used imageinfo, pslist, pstree, psscan, dlllist, dlldump, memdump, procdump, modscan, moddump, netscan, hivelist, shimcache, psxview and malfind to do the analysis.

 

Question 2 (400 words) – Pick a different data type than you reported on for Question 1. Use the following list:

  • Network data

Discussion points:

  • Explain the “Tools” that you would use to examine this kind of data. Wireshark
  • Explain the initial, basic findings you might discover and report on about data of this type.
  • Explain the types of “Findings” that you would expect to locate in this kind of data.
  • Describe the temporal nature of this data type. For example, if this item is “discrete”, single timeframe, explain how you might interpret what you might find. Compare that to data that occurs over a longer period of time.

Question 3 (300 words) – Writing and Communication

Explain the types of things that should go in the Executive Summary of the report or the first slide of your presentation. Describe the difference between these items and the items you might put into the technical analysis portion of your report. Give concrete and specific examples.

 
