1. Risk Assessment of ICT System
Perform risk assessment for the organization and it is related to ICT security threats and vulnerabilities. The final outcome is to identify :
a. critical ICT assets and their vulnerabilities;
b. to recommend measures to ensure that those ICT assets are in forensic readiness when the computer security incidents occur.
Idea is to ensure also preservation of digital evidences where it is practicable.
I need one specific example of that ICT Risk Assessment process (e.g. what are identified critical assets, how they are classified according to its threats ,impact and vulnerabilities) and what are the measures for forencis readiines after threats/vulnerabilities are identified, which will expand ideas to finalize my document-see above under a., and then recommend measures for forensic readiness-see above under b.).
2. Developing Computer Incident Response System on WAMP platform
I need help with initial programming of the system as displayed in the attachment..its about simple computer incident response system that , as per my idea, shall be universal and easily deployed elsewhere on Windows platforms. In this attempt, I would like to build it on WAMP with Apache as Webserver, My SQL as database server and PHP scripting language which I already have on my system but this is not highly constrained.
Any initial (or if you have pre-build) working system as described in attached algorithm will help me to continue tailoring/re-modifying it to my needs and I will enrich it with more scripts that will generate reports (as emails) when various security breaches occur on ICT network.