Implement a number of methodologies

Reference no: EM132876900, Length: word count: 1400

BN309 Computer Forensics - Validating and Testing Computer Forensics Tools and Evidence

Learning Outcome 1: Systematically collect evidence at private-sector incident scenes.
Learning Outcome 2: Document evidence and report on computer forensics findings.
Learning Outcome 3: Implement a number of methodologies for validating and testing computer forensics tools and evidence.

Assignment Detail:

Objective: The objective of the assignment is to use and compare computer forensics tools for a given case. The assignment requires you to acquire data from a USB drive, perform data recovery using different techniques and tools, analyze the data, and finally validate the acquired data. In addition, students are required to document all steps in a report, and the report should be formal so that it can be used in a legal proceeding. Marks will be awarded based on the sophistication and in-depth presentation of the techniques explored.

Case Study: Working as a forensic analyst, you have been assigned a case of embezzlement. A 32 GB storage drive (for example, a USB drive) is found in the suspect's office; the USB may hold data with digital clues related to the case. The USB contains different types of files, for example Doc files, Excel files, a couple of image files, and some text files.

Assignment Specification:
Prepare a report on the following sections related to the case study.

The assignment consists of two parts.

In Part A, you will install and compare two Computer Forensics Tools required to complete this report.

Data Preparation: You need to use your own USB to create/delete files as mentioned in the scenario below and perform the digital forensics investigation:

1. You need to create six files of type PDF, Excel and Word document, and name them as follows: YourMITID_BN309_Assignment01.*, where * depends on the file type. In addition, you need to change the attributes of these files so that the metadata holds data such as your name as the author, organization name "MIT", computer name "based on your terminal name", date/time created, and comments such as "created for Assignment1 of BN309".

2. Modify the extension of one of the doc files to .jpeg.

3. Then you need to delete 3 files, one of each type, including the file whose extension you modified.

Take a screenshot of each step and include these in your final report. Provide the list of references in IEEE referencing style at the end of the report.

In Part B, you will use the feedback from Part A to extend your report further to address the following requirements:

Section 1: Data Acquisition

Prepare a forensic image (bit stream copy) using any two standard tools from Table 1 with the record of data deletion. In the report, you need to include the screenshots of each step. You will need this image to perform the subsequent tasks. You need to cover the challenges to making a successful acquisition, and which formats are relevant to use and why. Describe the steps required for search and seizure. (400 words)

Section 2: Data Recovery

The suspect has deleted three image files from the USB. Recover these files and explain the method (with screenshots) and the tool you used. (300 words)

In addition, recover the data from the Recycle Bin and explain the procedure with screenshots. You need to recover the metadata of these files. (200 words)

Section 3: Data Analysis

Inspect all files on the USB, use a hex editor, and analyze whether there is any hidden data in these files. Provide screenshots of your analysis. Describe the tools that can be used for analyzing the deleted files, and also describe the benefit(s) of conducting a Windows registry analysis. (300 words)

Section 4: Data Validation

Explain different methods of data validation and use one of them to validate the data on the USB. Explain how to verify, using relevant tools, whether a file extension has been altered. Demonstrate with snapshots the data validation as well as the detection of the file extension alteration. (400 words)
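
The two checks this section asks for, shown as an added Python example that is not part of the original assignment brief: comparing a hash recorded at acquisition against the data to validate it, and comparing a file's leading signature bytes against its extension to detect an altered extension (such as the .doc renamed to .jpeg in the data preparation). The file names, byte contents and function names are constructed for illustration.

```python
import hashlib
from pathlib import PurePath

# Leading "magic bytes" of common formats and the extensions they justify.
SIGNATURES = [
    (b"\xff\xd8\xff", "JPEG image", {".jpg", ".jpeg"}),
    (b"%PDF-", "PDF document", {".pdf"}),
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "OLE2 (legacy Word/Excel)", {".doc", ".xls"}),
    (b"PK\x03\x04", "ZIP container (OOXML)", {".docx", ".xlsx", ".zip"}),
]

def identify(data: bytes):
    """Return (label, allowed extensions) for the first matching signature."""
    for magic, label, exts in SIGNATURES:
        if data.startswith(magic):
            return label, exts
    return "unknown", set()  # e.g. plain text has no signature

def check_extension(name: str, data: bytes) -> dict:
    """Flag a file whose extension disagrees with its content signature."""
    ext = PurePath(name).suffix.lower()
    label, exts = identify(data)
    # Unknown content is reported but not flagged; it needs manual hex review.
    return {"name": name, "claimed": ext, "detected": label,
            "altered": bool(exts) and ext not in exts}

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def validate(recorded_hash: str, data: bytes) -> bool:
    """True when the data still matches the hash recorded at acquisition."""
    return sha256_hex(data) == recorded_hash

# Constructed sample evidence: names and contents are made up for this example.
EVIDENCE = {
    "sample_BN309_Assignment01.pdf": b"%PDF-1.7\n% constructed sample\n",
    "sample_BN309_Assignment01.jpeg": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 24,
    "notes.txt": b"constructed plain text\n",
}

if __name__ == "__main__":
    for name, data in EVIDENCE.items():
        recorded = sha256_hex(data)  # hash taken at acquisition time
        result = check_extension(name, data)
        print(result, "hash ok:", validate(recorded, data))
```

In a real examination the bytes would be read from the forensic image rather than the live drive, and the recorded hash would come from the acquisition tool's log.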

Attachment:- Computer Forensics.rar


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd