Evidence Collection Policy

Scenario

After the recent security breach, Always Fresh decided to form a computer security incident response team (CSIRT). As a security administrator, you have been assigned the responsibility of developing a CSIRT policy that addresses incident evidence collection and handling. The goal is to ensure all evidence collected during investigations is valid and admissible in court.

Consider the following questions for collecting and handling evidence:

1.  What are the main concerns when collecting evidence?

2.  What precautions are necessary to preserve evidence state?

3.  How do you ensure evidence remains in its initial state?

4.  What information and procedures are necessary to ensure evidence is admissible in court?

Tasks

Create a policy that ensures all evidence is collected and handled in a secure and efficient manner. Remember, you are writing a policy, not procedures. Focus on the high-level tasks, not the individual steps.

Address the following in your policy:

§  Description of information required for items of evidence

§  Documentation required in addition to item details (personnel, description of circumstances, and so on)

§  Description of measures required to preserve initial evidence integrity

§  Description of measures required to preserve ongoing evidence integrity

§  Controls necessary to maintain evidence integrity in storage

§  Documentation required to demonstrate evidence integrity

Required Resources

§  Internet access

§  Course textbook

Submission Requirements

§  Format: Microsoft Word (or compatible)

§  Font: Times New Roman, size 12, double-space

§  Citation Style: APA

§  Length: 2 to 4 pages

Self-Assessment Checklist

§  I created a policy that addressed all issues.

§  I followed the submission guidelines.

 Home>Computer Science homework helpnetworkingCybersecurity

Heuristic Usability Analysis of your Prototype

1. Usability Test/Test Plan
   1. Scenarios (from project 3)
   2. Tasks (from project 3)
   3. Task List (from project 3)
2. Usability Data
   1. Use two participants.
   2. You can observe them using your prototype.
   3. Write your observation.
   4. Interview them after they used your product.
   5. Give them a questionnaire. 
   6. Make sure your data is clear and understandable. 
3. Recommendations
   1. After your users have used your product, what are your recommendations for any usability problems that you observed from your users or that you got from the questionnaire.
   2. You can also rate the recommendations as major, minor, or non-issue, etc. if you like.

SubjecT: Information Technology Project Management

Please check attached template and add below details for 9 slides.

Add meeting notes because we need record presentation and submit it.

Each member should individually list:

1. Four things they think was good about the project

2. Four things they thought was bad (didn’t go right or a struggle) regarding the project

3. Three areas where they think they can improve

4. Three thinks they learned

Take these individual findings and, as a team, identify:

1. Top three positive things about the project

2. Top three negative things about the project

3. Top three areas for improvement as a team

4. A brief description of the Team’s impression of the project, working remotely, and anything else you want me to know.

  Respond to the following in a minimum of 175 words: 

Security requirements are often closely tied to regulations that governments impose on organizations that hold any type of private, personal, or sensitive data. An effective security policy must address and enforce regulatory requirements for a given industry and jurisdictions where an organization operates. Having a good handle on what regulations apply where can become quite complex for a business headquartered and doing business in its home country while providing services internationally via its websites. While your situation may vary regarding the reach and complexity of your organizational experience, you will encounter the need to parse out legal language into functional requirements.

• Identify an existing company or organization you’re familiar with or that you have researched. What products or services does it provide? What types of secure information would this entity hold? Where does it conduct its business or services? What regulations hold its actors accountable to the sensitive data in its keep?
• What types of security policies and controls would you recommend to comply with the regulations and to uphold information security for this organization?

Requirements

Answer the following question(s):

1. A best practice for threat assessments within the seven domains of a typical IT infrastructure is

“Assume nothing, recognizing that things change.” What do you think “assume nothing” means in

this context?

2. A best practice for performing vulnerability assessments within the seven domains of a typical IT

infrastructure is to identify assets first. Why should you identify assets before performing

vulnerability scans?

Fully address the questions in this discussion; provide valid rationale for your choices.

Required Resources

§ Course textbook

§ Internet access

Submission Requirements

§ Format: Microsoft Word (or compatible)

§ Font: Arial, size 12, double-space

§ Citation Style: Follow your school’s preferred style guide

§ Length: 1–2 pages