User Account

All Pages

Prepare a digital forensic report

Assignment Help Case Study
Reference no: EM133544329

Computer Forensics and Analysis

Assessment - Practical Case Study

Task 1: Recovering scrambled bits - Demonstration of practical case study.

This task helps you to test your skills in encryption and decryption of some data that you may encounter in the field of digital forensics. For this task I will upload a text file with scrambled bits on the subject interact2 site closer to the assignment due date. You will need to use some DFT (digital forensics tool) to recover the scrambled bits. First, decide what DFT will be suitable for this task and then start your process. Please note you may need to do few iterations and some trial and test to get the goal. Your bit recovery process will be step by step which means you may not see the whole recovered bits just after one step, you may need to use several steps to recover all bits in the given file. You will be required to restore the scrambled bits to their original order and copy the plain text in your assignment.

Task 2: Digital Forensics Report
In this major task you are asked to prepare a digital forensic report for the following scenario after carefully reading the scenario and looking at textbook figures as referred below:

In addition, you are also to comment on the ethical issues / implications that may arise during your investigation. See further explanation of this in the deliverables below.

You are working in a Digital Forensic Investigation company, ABC Forensics (you can come up with your own company name if you are not fan of this name) and investigating a possible intellectual property theft by a new employee of Superior Bicycles, Inc. This employee, Tom Johnson, is the cousin of Jim Shu, an employee who had been terminated. Bob Aspen is an external contractor and investor who gets a strange e-mail from Terry Sadler about Jim Shu's new project (shown in Figure 8-5 of the textbook on p. 350). Bob forwards the e-mail to Chris Robinson (the president of Superior Bicycles) to inquire about any special projects that might need capital investments. Chris forwards the e-mail to the general counsel, Ralph Benson, asking him to look into it. He also forwards it to Bob Swartz, asking him to have IT look for any e-mails with attachments. After a little investigation, Bob Swartz forwards an e-mail IT found to Chris Robinson (shown in Figure 8-6 of the textbook on p. 350).

Chris also found a USB drive on the desk Tom Johnson was assigned to. Your task is to search for and determine whether the drive contains any proprietary Superior Bicycles, Inc. data in the form of any digital photograph and/or in any other form such as emails, text, spreadsheets etc as an evidence. In particular, you may look for graphic files such as JPEG on the USB drive

hidden with different format. But during the investigation you also look for other type of data as mentioned above. As a digital forensic specialist, you do not pre-assume that you will (or will not) find what you are looking for. However, you need to make sure that you conduct comprehensive investigation before reaching to any conclusions.

Note for the USB drive image, you need to download the "C08InChp.exe" file from the download section of Chapter 8 on the student companion site of the textbook (Nelson, Phillips, & Steuart, 6/e, 2019).

In order to conduct a thorough investigation, search all possible places where you think that data might be hidden (e.g. in e-mails and USB drive) and recover and present any digital evidence in the report. You may find that some of the files that you found cannot be opened properly or may be damaged or may be made corrupt intentionally, mention such files in your report. You may look at how to repair these files (hint: look at files headers). If you repair a file, mention your report that you have done so using a specific DFT. You do not need to write the whole repairing process if it is too long. If your current free version of the DFT cannot save large size files, you may consider searching and using other similar DFT that can save the larger size files. Assume that your company does not have the budget to purchase another DFT for this purpose, so you have to go with the free version.

You should also be asking this question while doing investigation, are there any evidence other than images in this case (although you have been specifically asked to look for images)?

For this forensic examination, you need to provide a report of approximately 10-12 pages (this is not a hard page limit, take it as a guideline) in the format described in presentation section below. Your report must include screen shots of your work and any images that you may have found during the investigation. Make sure that each screen shot has proper label, e.g. something like Figure 1: Screen shot of opening USB file. etc. You also provide a brief (one or two sentence) description of that screen shot or the image that you inserted in your report.

This may increase the number of pages of your report, which is acceptable. But make sure, if this is the case, you only include the screen shots which you think are necessary for the report.

In the findings section of your report, please comment on the ethical issues / implications that you may encounter during your investigation. Your comments should be clear, concise and to the point to articulate all the ethical issues and consequences related to the investigation.

You may have used various sources for collecting information such as lecture notes, web sources and forums etc. Cite all the sources of information in references that you used to prepare the report.

RATIONALE

This assessment task will assess the following learning outcome/s:

  • be able to determine and explain the legal and ethical considerations for investigating and prosecuting digital crimes.
  • be able to formulate a digital forensics process.
  • be able to evaluate the technology in digital forensics to detect, prevent and recover from digital crimes.
  • be able to analyse data on storage media and various file systems.
  • be able to collect electronic evidence without compromising the original data.
  • be able to evaluate the functions and features of digital forensics equipment, the environment and the tools for a digital forensics' lab.
  • be able to critique and compose technical tactics in digital crimes and assess the steps involved in a digital forensics' investigation.
  • be able to prepare and defend reports on the results of an investigation.

PRESENTATION
The following should be included as minimum requirements in the report structure:

Executive Summary
This section provides a brief overview of the case, your involvement as an examiner, authorisation, major findings and conclusion
Table of Contents
Introduction
Background, scope of engagement, forensics tools used and summary of potential findings

Analysis Conducted
Description of relevant programs on the examined items
Techniques used to hide or mask data, such as encryption, steganography, hidden attributes, hidden partitions etc
Graphic image analysis

Findings
This section should describe in greater detail the results of the examinations and may include: o Specific files related to the request
Other files, including any deleted files that support the findings
String searches, keyword searches, and text string searches
Internet-related evidence, such as Web site traffic analysis, chat logs, cache files, e-mail, and news group activity
Indicators of ownership, which could include program registration data.

Conclusion
Summary of the report and results obtained. Do not introduce new results or new ideas in conclusions. Repeat the information from Executive Summary.

References
You must cite references to all material you have used as sources for the content of your work

Glossary (Optional)
A glossary should assist the reader in understanding any technical terms used in the
report. Use a generally accepted source for the definition of the terms and include appropriate references.

Appendices (Optional)
You can attach any supporting material such as printouts of particular items of evidence, digital copies of evidence, and chain of custody documentation.

Attachment:- Practical Case Study.rar

Reference no: EM133544329

Questions Cloud

How does the organization view failure : How do decisions get made? To what extent are people held accountable for their results? How does the organization view failure?
Differences between cardiac and brain-oriented deaths : Compare and contrast the main differences between cardiac and brain-oriented deaths. explain the Harvard Criteria for a Definition of Irreversible Coma.
What did you learn about management and leadership : What did you learn about management and leadership? How has this course added to your understanding of management and leadership in nursing?
Discuss the primary challenges businesses face : Discuss the primary challenges businesses face is that there are so many different systems, each of which provides different services and uses different data.
Prepare a digital forensic report : HI6043 Computer Forensics and Analysis, Holmes Institute - prepare a digital forensic report for the following scenario after carefully reading the scenario
Present a business case in which you determine the tools : Present a business case in which you determine the tools that are the best fit for the business. Justify your reasoning and selection criteria 7 to 8 slides.
What aspects of breach were disclosed : What aspects of breach were disclosed (Threat - threat agent - vulnerability - actual breach - discovery - investigation - impact - remediation)?
Calculate how much this scheme would have cost : Assessment Portfolio Activities - Case Data - Reflect the level of skill and care provided with the superior service including precision edging, hedge trimming
Compare personal leadership styles-traits and qualities : Compare the personal leadership styles, traits, and qualities of your group members, including commonalities between group members' strengths

Reviews

Write a Review

Case Study Questions & Answers

  Raising the age for medicare eligibility

Review the capstone 11 policy analysis, and revise as its possible to make it a high quality - Raising the age for Medicare eligibility - Increasing the Medicare age limit in US to 67 old and Medicare cost saving from coverage of group exercise se..

  Provide brief description of background of the court case

Provide a brief description of the background of the court case.- Include a discussion on the U.S. Supreme Court decision. What did they consider?

  Calculate comfy cabins total annual component pounds

Commodity Risk Profile Dairy Foods –Comfy Cabin - Describe as simply as possible, the kind of risk facing Comfy Cabin in 2017. Everything you need to know

  Analyse information provided on the queensland health study

Discuss frameworks (COBIT and COSO) and controls which should be used in a project such as the Queensland Health Payroll system.

  Who do you think was right joe or the nurse manager

United States Nursing Operating Room Nurse Case Study - Who do you think was right, Joe or the nurse manager? Why

  Qualitative research method in health

Provide evidence for your decision. The ‘hints' for each question provide useful guidance to help you structure your response.

  How much of walmart success is due to nafta

How much of Walmart's success is due to NAFTA, and how much is due to Walmart's inherent competitive strategy?  In other words, could any other U.S. retailer have the same success in Mexico post-NAFTA, or is Walmart a special case

  Discuss managements role in successful quality improvement

What are some of the specific directions that companies are adopting in terms of strategic quality management and discuss the evolution of and the pros and cons of such programs as Deming and Six Sigma.

  Who has the responsibility to advocate for childrens health

Who has the responsibility to advocate for children's health, in general?- Who would have arguments against laws such as a pesticide ban? Why?

  Outright offers of billions of dollars in tax breaks

appeals based on the civic character, practical and cultural amenities of each city, and outright offers of billions of dollars in tax breaks

  Compose a bulleted summary of texas health strategy

Prepare a presentation in PowerPoint, Prezi, or another online tool that meets or exceeds the following requirements: Compose a bulleted summary of Texas Health's strategy. Compare and contrast the values and challenges that they were addressing

  Write a differential diagnosis of disorders

Why is it that the later in age this disease manifest itself, the less severe the disease is and what tests would you run to clarify your differential and potentially come to a definitive diagnosis?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd