Add to collection(s) Add to saved
  1. No category
Uploaded by bokutokoutaru4

ftk imager

advertisement 
LAB ASSESSMENT – 4
NAME
:
REG . No. :
ADARSH VIKRAM SINGH
20BCI0075
SUBJECT :
CYBER FORENSICS AND
INVESTIGATION
COURSE CODE : BCI4001
SLOT
:
FACULTY :
L49+ L50
Prof. ANIL KUMAR K
Task 1:
Create a forensic Image using FTK Imager:
FTK Imager:
It is a digital forensic tool that is used to create forensic image which can
further be used for forensic analysis.
FTK Imager Interface:
Selecting the type of image:
Filling the Evidence Item Information:
Select the Image destination:
Click Start to start the image creation process:
Image is created successfully and we the check the image
verification results.
Task 2:
Testing 3 threat models in Microsoft Threat Modeling
Tool
What is a Threat Modeling tool?
Software that allows you to proactively identify and address potential security
threats to your software, data, or device is known as a threat modeling tool.
The creation of the application can include mitigation measures for these
vulnerabilities that are suggested by a reliable threat modeling tool.
Threat Model 1:
Threat_model_with_security_gateway
Analysis View:
Threat properties:
Vulnerability:
Our threat model is vulnerable to SQL Injection Attack.
Solution:
Using Web Application Firewall.
Using parameterized query.
Threat Model 2: Threat_Model_https
Analysis view:
Threat list:
Threat Properties:
Vulnerability:
Weak Access Control for a Resource.
Solution:
1. Using Multi factor Authentication.
2. Limiting access Privileges of the user.
Model 3: Threat_Model_with_Security_gateway
Analysis view:
Threat List:
Threat Properties:
Vulnerability:
Cross-Site Request Forgery
Mitigation used:
using anti-forgery tokens with any authentication
protocol where the browser silently sends
credentials after the user logs in.
Task 3:
OWASP Threat dragon
A modeling tool called OWASP Threat Dragon is used to build threat model
diagrams as part of a secure development lifecycle. The ideals and principles of
the threat modelling manifesto are upheld by Threat Dragon.
1. Creating a Threat Model.
2. Designing the Threat Model for Web Application.
3. Threat Analysis
4. Mitigating the threat.
Threat of DNS Poisoning is found and it is mitigated
using the DNSSEC(DNS Security).
Related documents
ex_buisness_expansion
ex_buisness_expansion
1984 Anticipation Guide
1984 Anticipation Guide
Apocalypse Assignment
Apocalypse Assignment
Stress Management - Dr. Fayose
Stress Management - Dr. Fayose
RULE
RULE
The foremost goal of the information security function should be to
The foremost goal of the information security function should be to
Download
advertisement