Partial implementation of known articles to a company of hypothetical units/users – digital forensics and incident response readiness: Shockingly ready

Date of Publication


Document Type

Master's Thesis

Degree Name

Master in Information Security

Subject Categories

Computer Sciences | Information Security


College of Computer Studies


Computer Technology

Thesis Advisor

Fritz Kevin S. Flores

Defense Panel Chair

Jocelynn W. Cu

Defense Panel Member

Raymond C. Nunez
Richmond Ivann C. Liclican


In this study, the researcher described the cyber-attacks, threats, and incidents tackling cyber security are the matters that tries to overwhelm the organization’s information technology (IT), then turns into a true positive cyber security incident once an attack is successful. The successful attack or breach that happened makes it seem that the strength of the organization’s defences ineffective. The digital forensics and incident response (DFIR) investigations are performed, in a reactive manner, to incidents, and during the Post-Incident Activities. Digital Forensics (DF) investigators must do the work quickly to collect, analyze, process, and present the digital evidence. It is unfortunate that when incidents occur, and the company are not able to assist and support the DF investigation process with the data needed to conduct and perform analysis and will try to arrive at some credible and factual conclusions with the corresponding presentation and reports for different kinds of management levels. Any company or organization should have a reasonable and balanced concern for information security and DF readiness capabilities, and not to just reactively detect and identify where the relevant data are and work to have it smoothly and properly collected and preserved to assist and support the investigation. The researcher created and developed a questionnaire survey that will be useful for DF and IR investigations in knowing what the capabilities of one’s company are and trusting the management to know this and will provide necessary changes, modifications, and additions to the mix that will help the company assist and support in the DFIR investigations in the future while improving it at the same time.

Abstract Format



Capstone paper (CCS project paper)





Physical Description

125 leaves


Digital forensic science; Computer security

Upload Full Text


Embargo Period


This document is currently not available here.