CORPORATE GOVERNANCE FOR INFORMATION SYSTEMS SECURITY

Sample Solution

  Forensic Tool Category I will select the Data Acquisition tool category for this SLP. Data acquisition is the process of collecting data from a computer system or device for the purpose of conducting a forensic analysis. This can include data from hard drives, memory, network traffic, and other sources.

Full Answer Section

  Company I will use the company Google for this SLP. Google is a large, multinational technology company that operates a search engine, cloud computing platform, and a variety of other products and services. How to Use the Tool Category Data acquisition tools can be used to collect data from a variety of sources, including:

• Hard drives
• Memory
• Network traffic
• Mobile devices
• Cloud storage

The specific data acquisition tools that are used will depend on the specific needs of the forensic analysis. For example, if the forensic analyst is trying to recover deleted files from a hard drive, they would use a different tool than if they were trying to collect network traffic data. How to Apply the Tool Category in Performing the Forensic Testing The data acquisition tools would be used to collect data from the Google corporate network and systems. This data would then be analyzed by forensic analysts to look for evidence of a security breach or other malicious activity. The data acquisition tools would be used in a variety of ways, including:

• Collecting data from all of the Google corporate systems
• Collecting data from specific systems that are suspected of being involved in a security breach
• Collecting data from systems that have been compromised by malware

The data acquisition tools would be used in accordance with the National Institute of Standards and Technology (NIST) Computer Forensic Tool Testing (CFTT) guidelines. These guidelines provide guidance on the selection, use, and evaluation of forensic tools.