Response Readiness Plan
University of Maryland – Global Campus
DFC 640: Advanced Forensics
Table of Contents
Response Readiness Plan
Overview
Forensic Readiness Plan
Conclusion
References
Overview
Preparation is paramount when mitigating the potential for a security breach. The
objective of this plan is to provide a comprehensive investigation project plan that highlights
how an organization should conduct a digital forensic investigation in the event of a security
breach. This plan details the process required to forensically investigate a security breach
while preserving business continuity and enabling a rapid return to business as usual. During
a forensic analysis, packet analysis is used to collect information on the security incident and
to determine whether media must also be analyzed. The scope of areas to be addressed in a
forensic readiness plan is determined by the analysis completed on forensic data relevant to the
attack; the process of identifying the attacker, the compromised server, and the service; the
exploited vulnerability; and the data that was breached. Malware, hacking, and insider activity
are among the many sources from which compromises can originate. Due to limited information about a security