HW1 Network Investigations

The lead for IT security has contacted you as the lead for network security to provide its senior executives with the current process by which network forensics is being conducted on both the wired and wireless computer systems. Management of the corporation would like to update its incident response plan (IRP) so that it includes an up-to-date section on the differences between the acquisition and examination of wireless devices and computer systems, as well as the follow-up reporting. The current plan only covers the incident response process for wired device acquisition, examination, and reporting and does not include the investigation differences between current wired and wireless device technology. With the advancements in use for wireless technology, the updates to this plan are required to ensure that the investigators understand the forensics process for both wired and wireless device network forensics.

Provide the following in the IRP:

  • Title page
  • Table of contents
  • Introduction: Overall purpose of IRP
  • Section 1.0: Recommended process for wireless device forensic data acquisition and examination as well as the required reporting of investigator findings
  • Section 2.0: Recommended process for the wired device forensic data acquisition and examination as well as the required reporting of investigator findings
  • Section 3.0: Differences between the wireless/wired device acquisition, examination, and reporting processes
  • Section 4.0: Overall conclusions reached

Ensure that references are used in APA format in the main body of the paper and in the reference list and that the proper sections and material for each section are included. 3-5 pages