User Account

All Pages

Discuss different methods of data validation

Assignment Help Case Study
Reference no: EM133713976

MBIS5005 Cyber Intelligence

Report and Presentation

Case Study

Learning Outcom 1: Outline a comprehensive process of digital forensics theory and practice and document evidence and report on computer forensics findings.
Learning Outcom 2: Administer appropriate tools and techniques to carry out a digital forensics investigations including recovery, validation and presentation of evidence.
Learning Outcom 3: Perform a practical investigation into computer forensics, including industry and legal procedures with respect to data acquisitions.

Assessment Description

Report
Overview
Assume a USB drive have been found in the company working site whereas none of the employee is supposed to carry a pen drive. The employees are allowed to use only company supplied USB. The manager suspects that some crucial information have been leaked or illegally downloaded. The USB contains different types of files including excel, image files of various formats, doc files and few text files.
Your manager assigns you the role to investigate and produce a forensics report based on your investigation. As part of the investigation, you will work on two phases, i.e. phase A and phase B. The details of phase A and phase B are described below:

Phase A
In this phase, you are required to conduct research on the current computer forensics tool that can be used for this kind of case study. Prepare a report containing the following information for each tool and state you would prefer to use:
Forensics vendors name
Tool name and latest version number
Features of the product

Pros and cons of the products

Phase B
In this phase, based on the research conducted in Phase A, install two forensics tool in your machine and compare the outcome at various phases. The detail plans and steps of the work are as follow:

Data Formulation
Get a USB of your own, approximately 8 to 16 Gb and follow the steps:

You will create six files type (pdf, excel and word documents). Name these files in a proper convention such as: groupnumber_unitcode_AssessmentNo_*, where "*" depends on the file type. Furthermore, the attributes of these files need to be changed to describe the Metadata which holds data such as your groupno as an author, organization name (any preferred name; could be AIH), computer name based on your terminal name, date/time created and comments such as "created for Assesment3".
Modify the extension of one of the doc file to .jpeg
Then delete 3 files including the file you have modified its extension, one of each type.
Take the necessary screenshots of each steps to be included in your report.

Part 1: Data Acquisition

Based on the installed tools, prepare a forensics image (bit stream copy) with the record of deleted data.
Include the screenshots of each step in the report.
Use this image to carry out the next part of activities.
In your report, cover the challenges to make successful acquisition and what are the relevant format to use and why.
Describe steps required for search and seizure.

Part 2: Data Recovery
As part of data recovery, consider the scenario where three image files of the USB have been deleted.
Recover the deleted images and explain the method based on the tool you use.
Provide sufficient screenshots.
In addition, recover the data from recycle bin, explain the procedure with screenshots. Recover the metadata of these files.

Part 3: Data Analysis
Use a hex editor and inspect all the files.
Check if there is any hidden files.
Take necessary screenshots of your working method.
Discuss about the tool, which can used for analysing the deleted files.
Would you be doing any windows registry analysis? Why?

Part 4 : Data Validation
Discuss different methods of data validation.
Use one the methods to validate the data of your USB.
How to verify file extension? Remember you have modified a file extension.
Validate and use screenshots to proof file extension alteration.

Presentation
Students are required to deliver a group presentation based on their case study performed in Assessment 3 (Report). All of the group members need to contribute and present the findings. In preparation of the presentation, the following steps should be taken into consideration:

Reference no: EM133713976

Questions Cloud

Perform a depth-first search recording start and finish time : Remove all the back edges from the graph so it becomes a DAG. Perform a depth-first search recording the start and finish times.
Discuss how diagnostic errors made by radiology : Discuss how diagnostic errors made by radiology impact the NPs ability to develop accurate diagnoses and treatment plans for patients.
Multiple skin lesions to the scalp-elbows and trunk : The client is seen today for assessment of multiple skin lesions to the scalp, elbows, and trunk.
Which two are the most important for spiritual maturity : Feldmeier discusses Jack Kornfield's A Path with a Heart, where he lists ten qualities of spiritual maturity.
Discuss different methods of data validation : Conduct research on the current computer forensics tool that can be used for this kind of case study - Discuss different methods of data validation
Identify the various sources for the product : This is where you identify the various sources for this product, along with critical information about their abilities to source the product.
Explaining what is meant by community-family education : Begin by explaining what is meant by community/family education. What is the role of community/family education in a client's recovery process?
Unconscious and accompanied by nurse from medical floor : A middle-aged man is transported to the emergency department unconscious and accompanied by a nurse from the medical floor.
Why it important to integrate evm in agile or hybrid project : QSO 420- Describe why it is important to integrate EVM in Agile or Hybrid projects. Identify what elements of EVM are already present in Agile or Hybrid project

Reviews

Write a Review

Case Study Questions & Answers

  Discuses herpes zoster - may use examples from your nursing

Select one of the topic mentioned below and discuses filling the form - Rationale must be provided Use at least 600 words (no included 1st page or references

  What might simons satisfice theory have played in situation

What role, if any, might Simon's (1976) "satisfice" theory have played in this situation? What might you have done differently.

  Evaluate current business systems and processes

In this task as in the course profile, you were asked to: evaluate current business systems and processes, propose improvements for the given case study

  Identify all hazardous materials involved

Identify all hazardous materials involved, their classifications and their physical properties and Discuss chemical incompatibility and interactions relevant

  The andaman-nicobar group of islands

Write a case study on the topic "The Andaman-Nicobar group of islands"

  What specific mechanisms did michael have available to him

What specific mechanisms, or opportunities did Michael have available to him for enlisting others? To what extent did Michael take advantage of these?

  Prepare an adjusted income statement and balance sheet

Prepare an adjusted Income Statement and Balance Sheet. Use a statutory tax rate of 35% to record income taxes payable and income tax expense - demonstrates the flexibility management has in determining Net Income under Generally Accepted Accounting..

  Advice adam with respect to what remedies are available

Advice Adam with respect to what remedies are available to him as a result of the breach of contract by Edwin and Would you advice be different if the motor vehicle was a late model Mercedes Ben

  How the carlson san approach would be implemented

Assess how the Carlson SAN approach would be implemented in today's environment. Compare the pros and cons of consolidating data on a SAN central data facility versus the dispersed arrangement it replaces.

  Write a short email announcement on bot

Write a short email announcement on BOT to send to companies we are targeting with our marketing campaign.

  Development and aging for exercise scientists

HSE113 Growth, Development and Ageing for Exercise Scientists - development and ageing to a series of case clients - Reflect on the importance of growth

  What conflicts must conoco resolve

What conflicts must Conoco resolve in deciding whether or not to develop block 16 in Ecuador's tropical rain forest.  How can Conoco achieve the necessary consensus to move forward?  Would you recommend that Conoco do so on this basis?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd