Problem Solution Proposal For Student Thesis Graduation

Problemsolution Proposalnamejohn Studentthesisgraduated Drivers Li

Problemsolution Proposal NAME: John Student THESIS: Graduated driver’s licenses should be issued for drivers ages 16 to 18. INTRODUCTION: Statistics showing the number of deaths and injuries due to teenage driving is alarming. In fact, the leading cause of death for teenagers in the United States is accidents due to teenage driving. Many of these accidents include hitting poles or driving off the road. When these accidents are investigated, often the teenager was showing off to friends. Teens are not only causing danger to themselves, but they are endangering the lives of others. Therefore, the public needs to do something to put a stop to the dangers in teen driving. Building the Problem (2-3 subpoints): Other ideas to stop halt teenage driving are not beneficial. 1. Raising the driving age would cause problems with transportation such as driving to school or work. This would cause them to be more dependent on parents. 2. Some suggest taking more driving educational classes would prevent accidents. Studies show the opposite. The accident rate is just as high for those who had driver’s education and those who have not. The problem with teen age driving is not more education or raising the driving age, but teens need to have more experience behind the wheel and learn how to use more caution in driving. 1. Many teens have short attention spans and are more concerned with being “cool” than they are being safe. 2. Many drive as if playing a video game and have no fear. 3. The only way to build caution and attention is by giving teens more guidance and experience driving. Learning to be wise comes with experience. The Solution: (2-3 points) 1. Granting students a graduated license between the ages of 16 and 18 would give students more privileges as they gain more experience driving. 2. The graduated license involves three stages which include requiring an adult in the car for three months; then driving alone during the day, and after driving accident free for nine months to a year, the student would be given a regular license. 3. States that have already used this program have fewer accidents resulting from teenage driving. ISE 640 Lab Eight Guidelines and Rubric Monitoring Network Traffic Overview: You will be completing several labs throughout this course. The purpose of these labs is twofold:  The experience will provide you valuable opportunities to “walk a mile” in the shoes of a forensic practitioner performing basic forensic tasks. Gaining this type of experience is necessary in managing and relating to the individuals and teams with whom you will interact with in the field  Practice the communication and writing skills you will need to employ in both pieces of your final project. It is important to note that these activities are important to your final project but do not share the same scenario as your final project. They are practice opportunities that focus on a specific but smaller set of topics and skills. You will complete a lab “briefing” paper and submit it to your instructor for grading. A template of this brief is provided for you. Scenario: As in the previous labs, you are given the following scenario: While working for ACME Construction Company, you have been tasked with an investigation of a Windows 8 hard drive. You have been told that your company suspects a high-level employee of a policy violation. It is believed that Drew Patrick wrongfully copied sensitive corporate documents containing valuable intellectual property (IP) to his personal computer. Further, there is reason to believe that he may have then provided the documents to a competitor. Due to the value of the IP, the investigation has moved from a simple incident response to a forensic investigation. In Lab Two, you finished creating and verifying an image for use in the forensic lab. Lab Three had you looking for anything unusual on the suspect’s computer that may indicate that Drew was covering his tracks. Evidence of a separate anonymous login was found. In Lab 6, you found evidence of physical access and correlated that with the creation of a privileged account that may have been used to exfiltrate sensitive documents. You will finish the scenario in this final lab by looking for network evidence. Although the scenario laid out in the lab does not directly correspond with our classroom scenario, there are many reasons in our investigation that we may want to analyze network traffic. There is evidence that Drew Patrick wrongfully accessed files and copied them onto his hard drive where he then transferred them to a location outside of the company. To finalize this investigation, it would be likely that you would identify network devices such as routers, firewalls, intrusion detection/prevention systems (IDS/IPS), security information and management (SIEM) software, etc. and use their log files to further verify the file transfers. Often these network devices have an option to perform packet capture and save the captures to a pcap file. Pcap files are a standard format that can be viewed with many different tools, such as Wireshark, which we will be using in the lab. The first task in the lab is to set the network interface on the “capture” system into promiscuous mode. This is required in order to capture all packets regardless of the destination addresses in those packets. The lab uses Leafpad to perform this modification. The command for Leafpad is shown in the screenshot below: The lab notes inform you that the command above may not work with the ampersand appended to the end. If that is the case, simply run the command without the ampersand. Once you have successfully entered the previous command, you may be prompted for a password, which is found under the computers tab on the right side of the lab interface. The changes you are asked to make to the /etc/network/interfaces file should resemble the following: Once the interfaces file is saved, a restart of the network daemon is required. The lab will then have you run Nmap to create traffic that will be captured by the host machine. The packets that have been captured are saved as a TCPDUMP file (capture.pcap). The TCPDUMP file will be fed into Snort (a popular IDS). Snort compares the captured packets to a large set of intrusion rules to identify possible intrusion attempts. A review of the Snort output reveals a couple of interesting items: a data exfiltration attempt as well as a privilege escalation attempt. (This supports the scenario in the final project that the suspect is attempting to steal IP.) Further analysis of the pcap file created via TCPDUMP could be used to verify the details of the exfiltration attempt, which, in turn, may lead to an investigation of the web server log files. Information discovered via Snort, Wireshark, and the web server logs may corroborate the evidence gained elsewhere. Prompt: In your report, be sure to address the following critical elements: 1. Provide a brief summary of the lab. What did you do in the lab? How did it work? What did you look for/find? 2. Briefly describe the specific practices or resources that were most important in supporting the investigation and maintaining evidentiary integrity in this lab. For example: a) Chain of custody practices b) Digital forensic tools c) Incident response tactics 3. Briefly describe best practices or resources necessary in terms of next steps in this lab scenario. 4. Include screenshots that support #2 and #3 in your briefing. 5. Ensure your entire briefing is appropriate to your internal audience, employing brevity and consumable language (in this lab, your audience will be your teammates/company attorneys/executive team).