MN624 Digital Forensic Assignment

Assignment Help Computer Engineering
Reference no: EM132483740

MN624 Digital Forensic - Melbourne Institute of Technology

Assessment - Validating and testing digital forensics tools and evidence

LO 1: Record, administer and document digital forensics in social media.

Assignment 1a: Leaving Clues to a Crime

In this Assignment 1a you will create a pretended crime scenario that needs computer forensic analysis. Along with the crime scenario, create digital clues that may be left on a small portable storage device.

The chosen crime scenario must be discussed according to the following questions:

Question 1) You will leave your digital "clues" on a flash/thumb drive. Provide your thumb drive (containing your digital clues) for analysis as an image by using software such as ProDiscover.
Include this screenshot in your final report!

Your digital clues must include at least one of each of the following:

- Hidden file
- Deleted file
- Graphic file
- Password-protected file
- Web access (browser history)
- Change extension of one file such as .docs to .pdf

Question 2) Discuss what should you consider when determining which data acquisition method to use.

Question  3) Discuss some options that can be used for preserving the data in this situation

Question 4) Explain two acquisition methods that you should use in this situation.

Assignment 1b: Create and Delete Files on USB Drive

In this Assignment 1b, you need to find any evidence of the Assignment 1a, and any data that might have been generated from the suspect's hard drive, so that, it may be presented in a court of law. To create your digital clues, please do the following task:

Part 1. On your USB drive, create a word file named your Student ID, where the blank should be filled with your name, mobile, citizen, address and some other information.
The file should contain the following sentence: "I have enrolled for MN624 Digital Forensic." The first blank in the sentence should be filled in with your Full name and the second blank with the date when you registered for this unit.

Part 2. On the same drive, create an excel file named "StudentID.xls", where the First column should be filled with your units name that you had at MIT last semester and the second column should be filled with your marks with those units.

Part 3. Store your current Photo on a USB drive and save it in JPG format or other images format.

Part 4. Take a screenshot of your Windows Explorer window showing the content of the USB's folder hosting the three files. Include this screenshot in your final report! Now delete those files, and then take another screenshot of the respective folder's content (after the two files have been deleted). Include this screenshot in your final report.

Table 1: Digital forensics Tools (You can choose any two tools for your demonstration with your tutor's consent)

Serial #

Name of the security tool

1

The Sleuth Kit (Autopsy)

2

FTK Imager

3

X-Ways Forensics

4

CAINE (Computer Aided Investigative Environment)

5

SANS Investigative Forensic Toolkit (SIFT)

Question 1) Use two computer forensics tool from table 1 to Acquire an Image of USB Drive. In the report, you need to include the screenshots of each step.
Question 2) Use two computer forensics tool from table 1 to Recover Deleted Images and to verify which files have changed of extension. In the report, you need to include the screenshots of each step.
Question 3) validate your results by using hash algorithms.

Question 4) Comparison of the digital forensics tools that you used in this work. Your comparison could include:
- Digital forensics features
- Time is taken to detect acquire threat
- Ease of usage
Question 5) Demonstration of the two digital forensics tools that you used in this work on week 7.

Attachment:- Digital Forensic.rar

Reference no: EM132483740

Questions Cloud

What necessary adjustment would be made on december : If Susan debited Cash and credited Unearned Rental Income for $5,000 on December 1, what necessary adjustment would be made on December 31?
Determine the future value of a year annuity : Determine the future value of a 15-year annuity of $1,800 per period where payments come at the beginning of each period? The interest rate is 12 percent
What the proper adjusting entry is : What The proper adjusting entry is? Early In the accounting period, Appreciative Client paid $3,000 for services in advance of receiving them
Confidence interval estimate of the mean number : Construct a 90% confidence interval estimate of the mean number of migraine attacks for people treated with acupuncture. Show all work.
MN624 Digital Forensic Assignment : MN624 Digital Forensic Assignment help and solution Melbourne Institute of Technology - assessment writing service - Record, administer and document digital
How do the three methods of sraight line method : How do the three methods of sraight line method, units-of-production method, and double-declining-balance method, affect the income statement
Find the mean-variance and standard deviation of x : Suppose that the continuous random variable X has moment generating function given by:
Determine which one part of journal entry that will be made : f Let's Move makes the appropriate adjusting entry at year end, which of the following is one part of the journal entry that will be made?
Find the probability that a customer will spend : Historical data show that customers who download music from a popular web service spend approximately $20 per month with a standard deviation of $4.

Reviews

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd