User Account

All Pages

Suggest farayi has been counterfeiting isic cards

Assignment Help Other Subject
Reference no: EM132591763

CO4514 Digital Forensic Technology - University of Central Lancashire

Practice Investigation

Scenario

Farayi is suspected of selling counterfeit International Student Identity Cards to people who are not entitled to claim the discounts this card brings. An undercover sting operation was setup to catch Farayi in the act of selling his counterfeit goods. Farayi attempted to sell a counterfeit ISIC card to an undercover officer who was part of the sting operation.

After being arrested and questioned at the local police station, Farayi provided a USB data stick to be further examined. Under questioning Farayi has stated that all the evidence that can be found is on this USB data stick.

A forensic technician has taken custody of the data stick and has performed a full physical acquisition using the DD imaging tool, and have signed this digital image into the evidence locker.

This evidence is available on Blackboard called "unit0910_evidence.zip". Download it and unzip it, and save it somewhere so you can access it later.

Your Instructions
You are to examine the full physical acquisition and answer the following questions.

1. What evidence exists to suggest Farayi has been counterfeiting ISIC cards?
2. Is there any evidence to suggest that Farayi knew his actions were illegal?
3. Is there any evidence to suggest the names of his customers?

Produce a report answering these questions. You should assume that you are preparing this report to be used by the Crown Prosecution Service.

Performing an Investigation Using Autopsy

You will need to keep contemporaneous notes as you are performing this investigation. You will be reminded to keep your notes at the beginning of the investigation, but towards the end you will not be reminded. Your notes should demonstrate your thought process, your decisions, your actions and your results and should be an open and transparent reflection of your investigation. You may use any tools at your disposal for keeping your contemporaneous notes. For example, you may use QCC Forensic Casenotes (available as a free download) or Microsoft Word.

Read all instructions carefully. This work sheet is set up so that it tells you what you are aiming to achieve, before giving you the instructions on how to achieve it. Read through and entire section and understand the instructions - before you attempt to do any of the work.

Part 1 - Creating the Case File
Aim: You have been provided with a copy of the chain of custody form. Check and update the form, and then create your Autopsy case with the provided details.

1.1 Read through the chain of custody documentation.

1.2 Create your case within Autopsy using the correct information.

1.3 Generate and MD5 and then check against the value written on to the chain of custody document. If the MD5 values do not match then you should contact the person in charge immediately.

Part 2 - Initial Survey

Aim: To perform an initial survey of the evidence and to get a good idea of the kind of evidence that I will be exposed to; develop any intelligence about how the investigation might proceed.

2.1 Write down a list of keywords that you think are relevant to this investigation. Use your imagination and don't yet consult with the digital evidence. Re-read the investigative scenario to try and understand what kind of evidence might be discovered.

2.2 Create a keyword list within Autopsy that contains all of the keywords you have identified above. Instructions to do this follow.
2.2.1 Click the "Keyword List" button on the top right hand side of the Autopsy screen.

2.2.2 Click "Manage Lists" when the window pops up

2.2.3 Click the ‘New List' button
2.2.4 Enter "ISIC Card Counterfeitting" as the list name
2.2.5 Ensure ‘ISIC Card Counterfeitting' is selected
2.2.6 Select the ‘New Keywords' button
2.2.7 Enter the first keyword you have identified in the table above
2.2.8 Select "Substring Match"
2.2.8 Click OK
2.2.9 Enter the rest of your keywords
2.2.10 Once you have entered all of your keywords click OK to close the keyword list manager
2.2.11 Run the search facility again to search for the keywords you have just entered.
The keyword list search facility is actually an ingest module that is run when we first added the evidence; so we will need to run it again. However, we now have our ISIC card counterfeiting keyword list set up - and could run it immediately if we ever have to perform another investigation into ISIC card counterfeiting.
2.2.12 Select Tools->Run Ingest Modules->thumbdrive.dd from the main menu
2.2.13 De-select all of the ingest modules, apart from the "Keyword Search" module
2.2.14 Select the "Keyword Search" module from the list
2.2.15 Ensure "ISIC Card Counterfeiting" is ticked (you can keep the others ticked too if you want).
2.2.16 Click ‘Finish'
This will now run the search facility using the keyword list you've entered.
2.2.17 In the "Keyword Hits" tree viewer, expand the "ISIS Card Counterfeiting" option to see all of the search results from your keywords.
2.2.18 Don't spend too much time analysing the search results. Look at the search results and identify anything that needs to be followed up. This might include individual files that you need to examine more closely, it might include new keywords that have become more obvious, and it might include bits of technology that you need to understand a bit better before you complete further investigation.

2.3 Check and record the file system details for the evidence file
2.3.1 Click on the "datasources" item in the tree viewer window
2.4 Have a quick look around the file system
Part 3 - Documentation Phase
Aim: To ensure the correct documentation is used or maintained.

Phase 4 - Search for Digital Evidence
Aim: to locate and interpret the relevant digital evidence.
4.1 Look at your keyword list results.
4.2 Add a bookmark to this file
4.3 Examine the rest of your search results. Bookmark anything that is relevant to your investigation.
4.4 Within the tree viewer window, examine the results of the ingest modules.
4.4.1 Click the File Types item in the tree viewer. Expand it, and look at all of the identified files.

Phase 5 - Reconstructing the Evidence
Phase 6 - Preparing Documents

Aim: To present the evidence in an appropriate format

Attachment:- Digital Forensic Technology.zip

Reference no: EM132591763

Questions Cloud

What is the impact of lower cost of solar power : What is the impact of lower cost of solar power panels on renewable energy projects and Imergy?
How much each class of shares should receive dividend : How much each class of shares should receive dividend and prepare the Journal entry(s) to record this dividend. (Hint: that there is no dividend in arrears.
What will be the length of the wire : If the wire is to have a resistance R = 0.650 O, and if all the copper is to be used, find the following.
Leveraged data mining technologies : Select an organization that has leveraged Data Mining technologies in an attempt to improve profitability or to give them a competitive advantage.
Suggest farayi has been counterfeiting isic cards : What evidence exists to suggest Farayi has been counterfeiting ISIC cards and Is there any evidence to suggest that Farayi knew his actions were illegal
What the total amount that will be added to the common share : What The total amount that will be added to the Common Shares account when the final subscriptions are received will be?Subscriptions Receivable, Common Shares
The rising importance of big-data computing stems : The rising importance of big-data computing stems from advances in many different technologies.
What the long-run objective of financial management is to : What The long-run objective of financial management is to?The decision function of financial management can be broken down into decision
How much time tmelts passes before the ice starts : The mass of the container can be ignored. Heat is supplied to the container at the constant rate of 780 J/minute.

Reviews

Write a Review

Other Subject Questions & Answers

  Cross-cultural opportunities and conflicts in canada

Short Paper on Cross-cultural Opportunities and Conflicts in Canada.

  Sociology theory questions

Sociology are very fundamental in nature. Role strain and role constraint speak about the duties and responsibilities of the roles of people in society or in a group. A short theory about Darwin and Moths is also answered.

  A book review on unfaithful angels

This review will help the reader understand the social work profession through different concepts giving the glimpse of why the social work profession might have drifted away from its original purpose of serving the poor.

  Disorder paper: schizophrenia

Schizophrenia does not really have just one single cause. It is a possibility that this disorder could be inherited but not all doctors are sure.

  Individual assignment: two models handout and rubric

Individual Assignment : Two Models Handout and Rubric,    This paper will allow you to understand and evaluate two vastly different organizational models and to effectively communicate their differences.

  Developing strategic intent for toyota

The following report includes the description about the organization, its strategies, industry analysis in which it operates and its position in the industry.

  Gasoline powered passenger vehicles

In this study, we examine how gasoline price volatility and income of the consumers impacts consumer's demand for gasoline.

  An aspect of poverty in canada

Economics thesis undergrad 4th year paper to write. it should be about 22 pages in length, literature review, economic analysis and then data or cost benefit analysis.

  Ngn customer satisfaction qos indicator for 3g services

The paper aims to highlight the global trends in countries and regions where 3G has already been introduced and propose an implementation plan to the telecom operators of developing countries.

  Prepare a power point presentation

Prepare the power point presentation for the case: Santa Fe Independent School District

  Information literacy is important in this environment

Information literacy is critically important in this contemporary environment

  Associative property of multiplication

Write a definition for associative property of multiplication.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd