5Lab Assignment: Lab Three ReportAssignment
To complete this assignment, review the prompt and grading rubric in the Lab Three Guidelines and Rubric document. Use the Lab Report Template to structure your lab report. When you have finished your work, submit the assignment here for grading and instructor feedback.
This assignment requires you to use CYBRScore.
Lab Report Template
Complete each of the critical elements in your lab and submit this report to your instructor for grading in your course. Be sure to keep the lab reports that you complete and review, along with any feedback provided by your instructor, as they will help you create a quality submission for your final project. Review the individual lab guidelines and rubric documents for more information on these assignments.
You may complete the report in a separate Word document. If you choose to use a separate document, include all the questions asked in the guidelines and rubric document for that lab, as well as the accompanying screenshot. Your completed report should reflect the information below. Add additional question numbers with accompanying description and screenshot as needed to match the total number of questions required on a given lab guidelines and rubric document.s
1. Lab Number and Name:
2. Brief Summary of Lab:
· What did you do in the lab?
· How did it work?
· What did you look for/find?
3. Specific Practices or Resources:
· Briefly describe the specific practices or resources that were most important in terms of supporting the investigation and maintaining evidentiary integrity in this lab. For example:
a. Chain of custody practices
b. Digital forensic tools
c. Incident response tactics
4. Best Practices:
· Briefly describe best practices or resources necessary in terms of next steps in this lab scenario.
· Include screenshots that support items 3 and 4 in your briefing.
Ensure your entire report is appropriate to your internal audience, employing brevity and consumable language (in this lab, your audience will be your teammates/company attorneys/executive team).
Lab Three Guidelines and Rubric
Creating a Baseline Using the Windows Forensic Toolchest
Overview: You will be completing several labs throughout this course. The purpose of these labs is twofold:
The experience will provide you with valuable opportunities to “walk a mile” in the shoes of a forensic practitioner performing basic forensic tasks. Gaining this type of experience is necessary in managing and relating to the individuals and teams with whom you will interact with in the field.
Practice the communication and writing skills you will need to employ in both pieces of your final project.
It is important to note that these activities are important to your final project but do not share the same scenario as your final project. They are practice opportunities that focus on a specific but smaller set of topics and skills. You will complete a lab “briefing” paper and submit it to your instructor for grading. A template of this brief is provided for you.
Scenario: Please be aware that the instructions given inside of Lab Three refer to a separate scenario, not the one that we will be addressing in class. Use our classroom scenario to focus your learning in the lab.
In the previous lab, Lab Two, you were given the following scenario: While working for ACME Construction Company, you have been tasked with an investigation of a Windows 8 hard drive. You have been told that your company suspects a high-level employee of a policy violation. It is believed that Drew Patrick wrongfully copied sensitive corporate documents containing valuable intellectual property (IP) to his personal computer. Further, there is reason to believe that he may have then provided the documents to a competitor. Due to the value of the IP, the investigation has moved from a simple incident response to a forensic investigation.
In Lab Two, you finished creating and verifying an image for use in the forensic lab. Lab Three will have you tasked with a different part of the investigation. Wily miscreants will often attempt to cover their tracks. One supposedly clever way of doing this is to create a separate login account and use that account to perform all their evil deeds. Any decent investigator will analyze all the accounts, their creation dates, privileges, and activities in an effort to rule out the idea of evidence being planted by another or any attempt to cover one’s tracks.
Windows Forensic Toolchest (WFT) is often used on Windows computers to quickly and easily gather many details concerning the operating system and related functions. An investigator can use WFT to run a scripted set of commands that will allow them to easily identify many properties such as logins (successful or failed), network shares, groups and accounts, and many others. Proper documentation of these settings and characteristics will help to weaken the “it was not me” argument.
In your lab, be sure to document the following for your final project:
1. Internet protocol (IP) address of the computer at the time of the examination (IPCONFIG)
2. List of user accounts on the suspect machine (NET USER)
3. List of users who have logged on locally (LOGINS – ALL)
4. The shared directories on the network, which may aid in passing data outside of the company-controlled environment (NET SHARE)
5. The security logs and their details will be used in the log analysis lab. You can take a quick look at them here so you know what to expect during the following lab. (EVENT LOGS – SECURITY LOG)
as usual sensitive information will be communicated to you directly.Thank you
Why Work with Us
Top Quality and Well-Researched Papers
We always make sure that writers follow all your instructions precisely. You can choose your academic level: high school, college/university or professional, and we will assign a writer who has a respective degree.
Professional and Experienced Academic Writers
We have a team of professional writers with experience in academic and business writing. Many are native speakers and able to perform any task for which you need help.
Free Unlimited Revisions
If you think we missed something, send your order for a free revision. You have 10 days to submit the order for review after you have received the final document. You can do this yourself after logging into your personal account or by contacting our support.
Prompt Delivery and 100% Money-Back-Guarantee
All papers are always delivered on time. In case we need more time to master your paper, we may contact you regarding the deadline extension. In case you cannot provide us with more time, a 100% refund is guaranteed.
Original & Confidential
We use several writing tools checks to ensure that all documents you receive are free from plagiarism. Our editors carefully review all quotations in the text. We also promise maximum confidentiality in all of our services.
24/7 Customer Support
Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.
Try it now!
How it works?
Follow these simple steps to get your paper done
Place your order
Fill in the order form and provide all details of your assignment.
Proceed with the payment
Choose the payment system that suits you most.
Receive the final file
Once your paper is ready, we will email it to you.
No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.
No matter what kind of academic paper you need and how urgent you need it, you are welcome to choose your academic level and the type of your paper at an affordable price. We take care of all your paper needs and give a 24/7 customer care support system.
Admission Essays & Business Writing Help
An admission essay is an essay or other written statement by a candidate, often a potential student enrolling in a college, university, or graduate school. You can be rest assurred that through our service we will write the best admission essay for you.
Our academic writers and editors make the necessary changes to your paper so that it is polished. We also format your document by correctly quoting the sources and creating reference lists in the formats APA, Harvard, MLA, Chicago / Turabian.
If you think your paper could be improved, you can request a review. In this case, your paper will be checked by the writer or assigned to an editor. You can use this option as many times as you see fit. This is free because we want you to be completely satisfied with the service offered.