Part 2 Assignment: Written Portion Requirements

Unit 8 Lab: Forensic Analysis of a Linux System

Outcomes addressed in this activity:

Unit Outcomes:

  • Perform a forensic analysis of a Linux server.
  • Examine the registry to determine artifacts resulting from malicious activity.
  • Submit possible malware to an online resource to obtain additional information.

Course Outcomes:

IT411-5: Analyze forensic data from computers to investigate security breaches.

GEL-6.06: Apply research to create original insights and/or solve real-world problems.

In this lab, you will use a popular forensic tool, Autopsy, to perform a forensic exam of a Linux server. This process is similar to a more traditional forensic examination, except the purpose is to discover malicious software.

Part 1 Lab: Forensic Analysis of a Linux System

Complete the lab Forensic Analysis of a Linux System in the InfoSec Learning (ISL) environment located in Unit 8. Completion is automatically graded and posted to the Gradebook entry for the lab.

Part 2 Assignment: Written Portion Requirements

Some of the relevant forensic artifacts from a Linux system include Apache log files, the history file, and the secure or auth.log file, which includes valuable information such as SSH connections or user account activity. You will find that forensic analysis of a Linux system is very different from forensic analysis of a Windows system.

In 500 words or more, answer the following:

  • What are some of the things that you can learn from the forensic artifacts from a Linux system?
  • How can we use AI to analyze Linux log files and catalog user account activity in a way helpful to administrators?
  • How can they be used to help piece together the puzzle after a breach has occurred?
  • Can AI be used to detect a breach as well as remediate the infected system once the detection has been confirmed?

Your paper must:

  1. Include a title page.
  2. Use font size 10 or 12.
  3. Be at least 35 full double-spaced pages in length, not counting the title page or reference page.
  4. Include a highly developed viewpoint, purpose, and exceptional content.
  5. Demonstrate superior organization and be well-ordered, logical, and unified.
  6. Be free of grammar and spelling errors.
  7. Contain no evidence of plagiarism.

The written portion must contain sufficient information to adequately address the questions and be free from grammar and spelling errors. The paper should be provided in APA format. You may use AI as part of your research, but ensure you cross-reference your research to prevent misinformation. Refining your prompts can help you generate precise and relevant responses. Refer to your syllabus for more information on Purdue University Global’s artificial intelligence (AI) policy and resources.

For assistance with APA requirements, please use the resources provided in the Academic Tools section of the course. Points deducted from your grade for each writing, spelling, or grammar error are at your instructor's discretion.

Review the policy on plagiarism. This policy will be strictly enforced on all applicable labs and discussion posts. If you have any questions, please contact your professor.

Directions for Submitting Your Lab

The lab you take on InfoSec Learning will be graded automatically and reported to your instructor, but you must submit the written portion of the lab to the assignment Dropbox. Compose the written portion of your lab in a Microsoft Word document, save it as a file entitled IT411_Unit8Lab_yourname.docx, and submit it to the designated assignment Dropbox for this activity.
