The student in this case has failed to arrange points clearly to answer the question. An example of this is that the student defines RAT in the middle of the paper. This should have been the introduction. Secondly, the student has failed to point out clearly the corporation that was affected by the RAT. There are two corporations in this case which are department of homeland defense and other corporations. This means that the answer is based on the network of many corporations. By discussing the RAT on networks of many organizations means that less part of the topic is covered. By focusing on homeland defense department only, the student would have effectively described the issues related to attack in this organization.
The second part is well answered even though the student has included many unnecessary details. It becomes difficult to trace the answer to the question in this case. The student could have specified the forensic method first, for example; MacAfee software. The student could have then described the tool and process instead of including a lot of details in the answer. However, it is important to appreciate that the student has answered the two questions.
The student has answered the question very well. By beginning with the introduction, the reader of the answer knows what is addressed in the answer. The word RAT is described well and individuals without the knowledge on this subject can understand the word. Secondly, the student answers the first question by identifying the corporate network that was affected; Israel police computer. The student then describes what happened after the attack.
The second question is answered well since it begins by identifying the forensic tool as required by the question; Root kit revealer. Te student then goes ahead to describe this software. In this case, the question is well answered with the necessary introduction. The answers to the question are straight to the point and there is no unnecessary information in the answer.
References.
Christodorescu, M., & Jha, S. (2003). Static analysis of executables to detect malicious patterns.Proceedings of the 12th USENIX Security Symposium. Berkeley, CA: USENIX Association. Retrieved fromhttp://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA449067&Location=U2&doc=GetTRDoc.pdf
Calabrese, T. (2004). Information security intelligence: Cryptographic principles and applications. Clifton Park, NY: Delmar Learning.
Rouse, M. (2009) SearchSecurity. RAT (remote access Trojan). Retrieved from http://searchsecurity.techtarget.com/definition/RAT-remote-access-Trojan
Wang, W. (2006). Steal this computer book 4.0: What they won't tell you about the Internet. San Francisco: No Starch Press.
