Part 2 Assignment: Written Portion Requirements

lab details

Unit 6 Lab: Forensic Analysis of a Windows 10 Client

Outcomes addressed in this activity:

Unit Outcomes:

• Examine Windows files for evidence of a compromise.
• Use Windows commands to easily examine a system.
• Use EFS forensic analysis to perform an analysis.

Course Outcomes:

IT411-3: Apply various types of forensic analysis tools for data recovery to forensic scenarios.

GEL-1.02: Demonstrate college-level communication through the composition of original materials in Standard English.

PC-3.5: Engage in career development and advancement strategies, including effective networking, mentoring, and creating a personal brand.

In many forensic investigations, the goal is to determine if any information was exfiltrated or to be able to confidently determine it was not. Many different tools are available that aid in this process, and in this unit, you explore two major approaches. One is examining logs that could be months old for evidence, and the other is real-time detections.

Part 1 Lab: Forensic Analysis of a Windows 10 Client

Complete the lab Forensic Analysis of a Windows 10 Client” in the InfoSec Learning (ISL) environment located in Unit 6. Completion is automatically graded and posted to the Gradebook entry for the lab.

Part 2 Assignment: Written Portion Requirements

Data integrity is one of the three pillars of the CIA triad (confidentiality, integrity, and availability). The encrypted file system first came into use on NTFS volumes starting with Windows 2000, and has since been a reliable way to keep files and folders secure on Windows server and client systems. If the user changes their password, they may need to use a recovery key to access the file. In this lab, you will see how it is possible to provide access to other users to the files or folders that were encrypted using EFS.

In 300 words or more, answer the following:

• What are the benefits of using encryption?
• What are some of the drawbacks of using encryption?
• How secure is the use of encryption?
• Could current forms of AI break this type of encryption?

Respond to the question by comparing and contrasting your position using both pros and cons.

Your compare and contrast paper must:

1. Include a title page.
2. Use a font size of 10 or 12.
3. Be at least two full double-spaced pages in length, not counting the title page or reference page.
4. Include a highly developed viewpoint, purpose, and exceptional content.
5. Demonstrate superior organization and be well-ordered, logical, and unified.
6. Be free of grammar and spelling errors.
7. Contain no evidence of plagiarism.
8. Include at least two references.

The written portion must contain sufficient information to adequately address the questions and be free from grammar and spelling errors. The paper should be provided in APA format. You may use AI as part of your research but ensure you cross-reference your research to prevent misinformation. Refining your prompts can help you generate precise and relevant responses. Refer to your syllabus for more information on Purdue University Global’s artificial intelligence (AI) policy and resources.

For assistance with APA requirements, please use the resources provided in the Academic Tools section of the course. Points deducted from grade for each writing, spelling, or grammar error are at your instructors discretion.

Review the policy on plagiarism. This policy will be strictly enforced on all applicable labs and discussion posts. If you have any questions, please contact your professor.

Directions for Submitting Your Lab

The lab you take on InfoSec Learning will be graded automatically and reported to your instructor, but you must submit the written portion of the lab to assignment Dropbox. Compose the written portion of your lab in one Microsoft Word document, save it as a file entitled IT411_Unit6Lab_yourname.docx, and submit it to the designated assignment Dropbox for this activity.