Reference no: EM132001391

Question: Objective: Design a digital forensic incident response and analysis toolkit. Describe the preparation, tools, and procedures necessary for responding to an incident. The description should include the purpose of each tool and the role it plays in an investigation. Develop a scenario response that includes both computer and mobile device examination. Describe how your toolkit and procedures would be used during the scenario from initial notification to report delivery and results presentation.

Course Goals:

1. Develop and utilize a methodology for digital evidence collection, preservation, and analysis.

2. Develop incident response plan and procedures for a variety of digital forensic situations.

3. Evaluate environment for global/international influences and determine implications on forensic procedures.

4. Appraise appropriate digital forensic techniques for Network, Internet, and Cloud-based environments.

5. Incorporate validated forensic results into appropriate action plans, reporting, information sharing, and information archiving procedures.

Scenario: Slatestone Land Development contracted Acer Tree Service to clear land for construction of several homes. The home is located on a bluff with a tree obstructed view of a lake. The tree service cut several trees that were on a private landowner's property that were obstructing the lake view for the new homes. The private landowner is upset because she now has a ‘fish bowl' effect where the new homes are looking at her house whereas before the tree cutting episode her home was secluded.

The developer claims he didn't authorize the tree cutting. The new home owners claim that they didn't request the trees to be cut. Acer Tree Service claims that they were instructed cut all the trees that were marked with red spray paint. Slatestone and Acer have worked in the past, and marking trees with red spray paint is standard practice in the industry. All 18 trees were clearly marked with red paint, though no one from Slatestone was on site to supervise, and Slatestone claims they did not mark the 18 trees that were mistakenly cut.

The private landowner has decided to file a lawsuit for criminal trespass and destruction of property against Slatestone, Acer, and the owners of the new homes for the 18 mature maple trees that were cut. The law firm representing the private landowner has successfully argued for electronic discovery of the phones and computer for the home owners, Slatestone, and Acer in order to establish fault and liability. You have been hired to perform the digital forensic examination. The court order stipulates that only email and text messages from one month prior to the incident to the present time may be retrieved. Further stipulations include that the forensic report must first be provided to opposing counsel and is subject to objection. Additionally, the court order indicates that if you disclose information to the private landowner or her legal representative that you could be subject to civil and criminal prosecution. You have ten days to schedule your evidence collection and submit your reports to opposing counsel.

Deliverables: You need to outline the tools and materials you will need to complete this engagement, indicating how each tool will be utilized. Provide a schedule that outlines your plan for completing the investigation, including coordinating evidence seizure and report dissemination. In a distinct section of your assignment, outline the steps that you will take to comply with the court order. The paper should be 5-7 pages, and include at least five sources.