This assignment focuses on forensics data collection plan to  use during a Red Team exercise. Your plan will be in use as part of training exercise for incident response personnel to help them learn to identify and collect evidence.
Your first task is to analyze the Red Team’s report to determine what they attack  or what attack vectors to use   Next, analyze the environment to determine what types of forensic evidence should be collected after the attack(s) and where that evidence can be collected from.

forensics data collection plan to use during a Red Team exercise.

Before you begin: Read the Project #1 description.(attached to the Project #1a assignment folder) paying special attention to the Red Team’s report.

For this week’s discussion our focus will be upon developing a brief (1-2 page) forensics data collection plan. The  plan will use  as part of training exercise for incident response personnel.

Your first task is to analyze the Red Team’s report to determine what they attack or what attack vectors to use.The analyzation of  the environment to determine what types of forensic evidence should collect after the attack(s) and where that evidence can collect  from.The  volatile sources such as RAM (memory) and static sources such as disk drives, thumb drives (USB storage devices), etc. You identify  the types of evidence and the devices from which evidence to collect document.

At a minimum your plan must document evidence collection for three specific attack vectors . The vector or vulnerability, document what type of evidence could we collect and where the evidence should be collect from.

you  critiques this week, you should review and critique the forensic data collection plans write  by two of your peers. You must also post at least two follow-ups or response postings (in any thread).