The Incident Management and Response

 

Table of Contents

Question 1.1

Question 1.2

Question 2.1

Question 2.2

References
Question 1.1 

Timestamps play a critically important role in the forensic data analysis of any digital investigation. A timestamp keeps a record of the user's last activity on a file. There are mainly three types of timestamp: creation, modification, and access. Analyzing timestamps therefore tells the investigator when a file was created, read, or modified, depending on the user activity. With this information, the forensic team knows when and how a specific action was performed and can prove that the transfer or creation of a specific file happened on the suspected system (Khalid et al., 2021). Some victims try to delete or change log files to hide their tracks, but owing to a lack of awareness and skill some information usually remains, and it can be analyzed through its timestamps. Timestamps can be modified using tools like cat and grep, but even if the victims are clever enough to use those tools to modify the timestamps of system files, they have to use those same tools, which means the modified file does not carry a valid timestamp. The original valid timestamp is still somewhere on the system, as the file found in the system is in the read-only medium mode, which was clearly shown in the system. File systems such as FAT, NTFS, and EXT keep timestamps to maintain a record, and the operating system updates them from time to time. So by proper analysis of timestamps, we can track the victim's operations in any system (Zhou et al., 2021).
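The timestamp analysis described above can be sketched in a few lines. This is an added example, not part of the original essay: it assumes a POSIX file system where `st_ctime` is the inode change time, and the file names, the `slack_seconds` threshold and the `demo` data are constructed for illustration.

```python
import os
import tempfile
from datetime import datetime, timezone

def mac_times(path):
    """Return the three timestamps a POSIX file system keeps for path."""
    st = os.stat(path)  # stat reads metadata only; it does not update atime
    return {"modified": st.st_mtime, "accessed": st.st_atime,
            "changed": st.st_ctime}  # ctime = last inode (metadata) change

def timeline(paths):
    """Merge every timestamp of every file into one chronological list."""
    events = [(ts, kind, p) for p in paths
              for kind, ts in mac_times(p).items()]
    return sorted(events)

def looks_backdated(path, slack_seconds=2.0):
    """Heuristic: an mtime set by hand leaves ctime at the moment of the edit.

    Restoring a backup or extracting an archive produces the same pattern,
    so a hit is a lead to examine, not proof of tampering.
    """
    t = mac_times(path)
    return t["changed"] - t["modified"] > slack_seconds

def demo():
    """Constructed sample: one untouched file and one with a backdated mtime."""
    workdir = tempfile.mkdtemp(prefix="mac_demo_")
    normal = os.path.join(workdir, "report.txt")
    altered = os.path.join(workdir, "ledger.txt")
    for p in (normal, altered):
        with open(p, "w") as fh:
            fh.write("constructed sample data\n")
    year_2001 = datetime(2001, 1, 1, tzinfo=timezone.utc).timestamp()
    os.utime(altered, (year_2001, year_2001))  # sets atime and mtime only
    return normal, altered

if __name__ == "__main__":
    normal, altered = demo()
    for ts, kind, p in timeline([normal, altered]):
        stamp = datetime.fromtimestamp(ts, timezone.utc).isoformat()
        print(stamp, kind, os.path.basename(p))
    print("backdated:", [os.path.basename(p) for p in (normal, altered)
                         if looks_backdated(p)])
```

On real evidence this would be run against a read-only mount of a verified image, never against the original medium.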

 

Question 1.2   

BitTorrent is a peer-to-peer file-sharing protocol that lets any person anywhere download or upload a specific file. When a file is uploaded into the system, it is broken into small fragments. These fragments are in the form of torrent files, stored on the different systems of the trackers. When a user tries to download a file, the user downloads a torrent file, which gathers information from the trackers' systems and connects to the user systems. With this system the speed increases, because different small files are downloaded simultaneously. The file may contain software, songs, books, new movies, web series, or illegal content. The protocol places no restrictions on the user, which makes it easy to download and upload files in the web world. Although it can be used for good purposes, several of the file types in these examples may be under copyright, and accessing them without prior notice to the owner may cause legal issues because of that copyright protection.

In some cases it causes enormous losses to the owner of the file, for example if a new movie is stolen from a cinema hall and uploaded to BitTorrent. This makes it easily accessible to the web world, and users download it quickly. With these downloads, the audience of that movie is reduced drastically, causing a substantial economic loss to the director of the film. So if access to that specific file is found on anybody's IT system, the owner takes legal action against the user of that IT system, which causes a real legal mess for the entire system (Söderberg and Råhlén, 2021).

Question 2.1   

The ACPO good practice guide for digital evidence clearly states that no modification should be made to data on a system that serves as evidence against victims. In following this rule, the forensic team faces many challenges, which may be technical, legal, or resource-related.

On the technical side, victims sometimes use encryption, which hides their route of access and makes them hard to find; to break the encryption the team needs to make some modification, which is against the law. Victims also often make files invisible using system commands and programs. The use of covert channels is increasing nowadays: victims use techniques that bypass intrusion detection to hide data over the network, and in all these cases the team has to modify data for the investigation, which creates challenges. On the legal side, the lack of a proper investigation model and standard operating process makes the system messy. Accessing special files requires a lot of tampering, alteration, and transportation, and with no standard process for such access the work is often tough. On the resource side, technology is growing exponentially with time while there is no proper reference material and case studies on digital evidence, so the lack of resources makes it hard for the team to follow the guidance properly.

Forensically sound means a complete data collection process in which data is collected from the victim with proper imaging and steps, with no alteration at any step and no change to its metadata. Every item of evidence is collected in such a way that, if the process is audited or investigated, the team can give sufficient evidence for every step. In short, all data collected from electronic media is stored in its original form without any modification. So the best way to preserve that data is by imaging, taking a bitstream copy of the entire data, including the victim's hidden and modified files (Pattanaik et al., 2021).
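A minimal illustration of the imaging step described above, as an added example that is not part of the original essay: a bitstream copy that hashes the source while reading, re-hashes the written image, and returns an audit record. The function names, file names and the `demo` data are constructed; real acquisitions read the device through a hardware write blocker.

```python
import hashlib
import os
import tempfile

CHUNK = 1 << 20  # read 1 MiB at a time so large media never sit in memory

def sha256_of(path):
    """Hash a file by streaming it; the file is opened read-only."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()

def acquire(source, image):
    """Bit-for-bit copy of source into image, returning an audit record."""
    before = os.stat(source)
    running = hashlib.sha256()
    # 'xb' refuses to overwrite an existing image file
    with open(source, "rb") as src, open(image, "xb") as dst:
        for block in iter(lambda: src.read(CHUNK), b""):
            running.update(block)
            dst.write(block)
    after = os.stat(source)
    record = {
        "source_sha256": running.hexdigest(),
        "image_sha256": sha256_of(image),    # re-read what was written
        "source_rehash": sha256_of(source),  # source content after the copy
        "bytes": after.st_size,
        "source_mtime_unchanged": before.st_mtime_ns == after.st_mtime_ns,
    }
    record["verified"] = (record["source_sha256"] == record["image_sha256"]
                          == record["source_rehash"]
                          and record["source_mtime_unchanged"])
    return record

def demo():
    """Constructed stand-in for evidence media: a small file of sample bytes."""
    workdir = tempfile.mkdtemp(prefix="acquire_demo_")
    source = os.path.join(workdir, "evidence.bin")
    with open(source, "wb") as fh:
        fh.write(b"constructed sample sector data\x00" * 4096)
    image = os.path.join(workdir, "evidence.dd")
    return source, image, acquire(source, image)

if __name__ == "__main__":
    print(demo()[2])
```

The record is what an auditor would check later: any single changed byte in the image produces a different SHA-256 value.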

Question 2.2   

When communicating over the internet, each user has a unique protocol address, which we call an IP address. It contains numbers and letters and is attached to any data moving through the internet. This data is stored on the servers of the internet service provider, so it plays an important role in analyzing any crime situation in a digital forensic investigation. With this information the forensic team can find out the following (MET et al., 2021):

  1. Timestamps
  2. Images
  3. Text documents
  4. GPS location
  5. Encrypted data

With timestamps the team can establish the time of the incident and prove the timing of the victims; timestamps also help to trace when and how data was modified in the system. From this, a route or map of the entire procedure can be built, and by tracing that map of operations the team can find when and where a file has been moved or accessed.

Images can become key evidence in an investigation: they provide evidence to prove which data is missing from or has been added to the victim's system.

From the text documents we can analyze encrypted messages or any instructions followed by the victims during the operation.

GPS location is the most important piece of information, by which we can locate the victim's place and know the exact geographical region from which the victims operate. With it, the team can easily locate that place and stop all activity there with immediate action. Traceability becomes easier with these functions (Mirza and Karabiyik, 2021).

Encrypted data is always used by victims while committing a crime, to hide all their activities during the entire process. So by breaking the encryption, the forensic team can get the crucial data they want to find.

 

References:

Ahmed, S., Zehra, N., Noordin, S., Sadruddin, A. and Khan, A.H., 2021. Bridging the gaps in secondary fracture prevention at a single center in Pakistan—compliance with the IOF best practice framework. Archives of Osteoporosis, 16(1), pp.1-5.

Iosup, A., Tribler Protocol Specification.

Khalid, Z., Iqbal, F., Kamoun, F., Hussain, M. and Khan, L.A., 2021, October. Forensic Analysis of the Cisco WebEx Application. In 2021 5th Cyber Security in Networking Conference (CSNet) (pp. 90-97). IEEE.

Khan, A.A., Uddin, M., Shaikh, A.A., Laghari, A.A. and Rajput, A.E., 2021. MF-ledger: blockchain hyperledger sawtooth-enabled novel and secure multimedia chain of custody forensic investigation architecture. IEEE Access, 9, pp.103637-103650.

MET, L. and DEL INDIVIDUO, A.F.Í.S.I.C.A., y IP address 192.168. 10.17 on 2021/11/30. y IP address 192.168. 10.17 on 2021/11/30.

Mirza, M.M. and Karabiyik, U., 2021, May. Enhancing IP Address Geocoding, Geolocating and Visualization for Digital Forensics. In 2021 International Symposium on Networks, Computers and Communications (ISNCC) (pp. 1-7). IEEE.

Moric, Z., Redzepagic, J. and Gatti, F., 2021. ENTERPRISE TOOLS FOR DATA FORENSICS. Annals of DAAAM & Proceedings, 10(2).

Pattanaik, P., Himanshu, U., Bhushan, B., Thakur, M. and Pani, A.K., 2021. A study of the adoption behaviour of an Electronic Health Information Exchange System for a Green economy. International Journal of Logistics Research and Applications, pp.1-26.

Söderberg, E. and Råhlén, J., 2021. An analysis of decentralized peer-to-peer file sharing performance: An overview of how different parameters affect the average download time in a BitTorrent-like network.

Yadav, M., Bhadola, M.S., Bhatia, M.K. and Sharma, R., 2021. Torrent Poisoning: Antipiracy and Anonymity. International Journal of Innovative Analyses and Emerging Technology, 1(3), pp.60-63.

Zhou, L., Fujita, H., Ding, H. and Ma, R., 2021. Credit risk modeling on data with two timestamps in peer-to-peer lending by gradient boosting. Applied Soft Computing, 110, p.107672.
