User Account

All Pages

What is the value of the evidence to the investigation

Assignment Help Case Study
Reference no: EM132998783

Question: Coffee is defined as a "a hot drink made from the roasted and ground seeds (coffee beans) of a tropical shrub". In Australia, it is illegal to be in possession of any digital content related to coffee, coffee beans or information on the process of making coffee. As a result, accessing, owning, or distributing digital content relating to "coffee" is a criminal offense.

Josh claims to have witnessed a work colleague (Bob) viewing coffee content on a work computer. The allegation was escalated to management, who subsequently escalated the allegation to law enforcement. Following the approval of formal warrants, Bob's computer was seized by law enforcement and transported to the Cyber Crime Centre (CCC).

The computer's hard disk was acquired using AccessData FTK Imager. Unfortunately, the junior investigator who acquired the computer's hard disk only performed a logical acquisition. The CCC is currently in lockdown due to COVID-19, so all employees are completing investigations remotely and thus at this stage, a subsequent full-disk acquisition cannot be undertaken. Given the time-critical nature of the case, an investigation will need to be undertaken on the acquired data, that is currently available. The following list of facts have been produced for this investigation.

• The suspect, Bob, denies accessing "coffee" content on the computer.
• Bob is technically skilled and alleges he has been setup. Bob claims that malware and RDP access to his computer may have resulted in the presence of content.
• Bob confirmed that the computer does belong to him.
• Bob confirmed that he did not use a password onto his computer.
• Bob confirmed that he does not take the computer home.
• Bob backs up his Apple iPhone to the work computer via iTunes.
In addition to initial allegation, prior accumulated intelligence reports suggest that Bob may have been working with an insider - who works for law enforcement. A USB stick may have been physically handed to Bob. The USB stick contained a classified document on COVID-19 and a confidential video of a Bugs Bunny cartoon. As part of the investigation, it is critical to determine if the USB drive was ever connected to Bob's computer and were either of the files copied and subsequently shared with others.
You are a newly hired consultant who specialises in digital forensic investigations. As your very first investigation, you have been assigned the task of examining a forensic image of the computer that was seized. It is currently not known what Bob was doing with the coffee content. Your task is to forensically investigate the supplied forensic image using appropriate tools and processes, and develop a formal forensic report encompassing the evidence and methodology used. You may use any tools to undertake the investigation, but you must formally justify and document all of your actions. The recommended report structure is as follows:
• Evidence/content - 30%
• Running sheet - 60%
• Timeline of events 10%.
As a result, the running sheet is the most important component of your report. You may or may not find all evidence and items of interests in the supplied forensic image. Thus, you should focus on carefully documenting end explaining the methods you used to locate evidence and analyse their value within this investigation.
Sometimes it can be tricky to visualise how unit content comes together to form a finalised assessment. To assist you, a redacted version of a previous assessment has been provided. The supplied assignment has significant room for improve, the assignment exemplar should enable you to better understand how an assignment could be structured. You should only use this assignment exemplar to assist you in preparing your final assignment. Your final assignment and work should be your own. Incorporating your own perspective and creative aspect. Using the content from within the unit, your final forensic report for the unit must adhere to the following structure;
• Cover page - unit code and title, assignment title, student name, number, campus and tutor.
• Table of contents - An accurate reflection of the content within the report, generated automatically in Microsoft Word
• Summary - A succinct overview of the report. What were you looking for? How did you approach the investigation? What did you do? What did you find? What is the outcome of the investigation? Use numbers and/or statistics to support or extend the extent of any crimes that have been committed. Keep the summary to a maximum of 1 page.
• Issue #1: Presentation of content relating to offence - A detailed representation of all content identified, extracted and analysed in the investigation. All evidence must be characterised, explained and examined. What metadata exists? What is the value of the evidence to the investigation? What does each piece of evidence mean? Does the evidence support or negate the allegations made? Consider how you will present the evidence. Do not make the mistake of making issue #1 the majority of your report.
• Issue #2: Identification - Detail all information relating to possible use/ownership of the evidence identified and extracted. How can you link the evidence to a particular owner? Is there any digital evidence that demonstrates ownership of the device or content?
• Issue #3: Intent - Was the digital content purposefully accessed/used/downloaded/installed? Was it accidental? Was it a third party? Was it malicious software? Present all evidence to support your theory.
• Issue #4: Quantity of files - How many files of every type were present on the system? What percentage of these files relate to the offence? What does this mean for the overall investigation?
• Issue #5: Installed Software - What applications are installed that relate to the investigation? What purpose do these applications serve? Have they been used/run? What are the dates/times the application was last used? What impact do these applications have on the investigation?
• Issue #6, 7, etc. - Any other evidentiary sections that do not full under the other issue headings.
• Appendix A: Running sheet - A comprehensive running sheet (recipe) of your actions in investigating the case study. The running sheet should be presented in table form. What did you? How did you do it? What was the outcome of your action? The running sheet should be more detailed than a ‘recipe' and allow someone to replicate your process and achieve the exact same outcome.
• Appendix B: Timeline of events - A comprehensive and chronological order of events representing the actions that resulted in the illegal activity taking place, and the events thereafter. Be creative in how you present this data. Consider what is important to include and what serves no purpose.

Please make sure you attach videos and screenshots of how you will demonstrate the running sheet.

Reference no: EM132998783

Questions Cloud

Draw the timeline and set out the cash inflow : Draw the timeline and set out the cash inflow, cash outflow and net cashflow for each year. Bulla Dairy Foods is considering buying a new production line.
Describe three process structures in services in production : Describe and highlight the differences among the three process structures in services in production and operations management. (Front office, Hybrid office)
What risks are the transferring to the employee : When an employer switches from a Defined Benefit Plan (DB) to a Defined Contribution Plan (DC), what risk(s) are they transferring to the employee?
What key reason do opponents of trailer fees provide : According to the article Banning fund trailer fees: The latest arguments for and against, what key reason(s) do opponents of trailer fees provide?
What is the value of the evidence to the investigation : What is the value of the evidence to the investigation? What does each piece of evidence mean? Does the evidence support or negate the allegations made
Why is charging a fee as a percentage of investment assets : Why is charging a fee as a percentage of investment assets a challenge when servicing a book of clients mostly composed of retirees?
What is an advantage associated with job rotation : Once a month employees rotate jobs. Florence is surprised and wonders why the company does this. What is an advantage associated with job rotation?
Which human resources activity does the scenario describe : Which human resources activity does this scenario describe? Valentina, a hiring manager, forms a pool of qualified candidates for a manager position
Identify the name of the probable mechanism : Identify the name of the probable mechanism - drawn in the mechanism must clearly show the configuration at the chiral carbon

Reviews

len2998783

9/26/2021 11:52:05 PM

Do you have any expert digital forensic?? Because it''s very tough job

Write a Review

Case Study Questions & Answers

  Write the db assignment

To what extent do you think the crafting of the Affordable Care Act relied on experiences in other countries? Can you think of examples of policies or countries that may have been influential?

  Create a gantt chart illustrating the project tasks

Create a Gantt chart illustrating the project tasks and Create a system diagram illustrating the equipment and connections required for this project

  Critically analyze the apple case

Critically analyze the Apple Case (reproduced below). In particular, update the research information by new research to include Apple's other product lines and decide the lessons that have been learned for information systems managers, in a succinct ..

  What instructions would have been given to the client

What instructions would have been given to the client prior to the ultrasound being performed and What laboratory values should be considered at this time

  Create a corporate competitive intelligence system

Reflective Article Review - How to Create a Corporate Competitive Intelligence System - Gaining competitive intelligencefrom social media data evidence

  Case study - ozi native clothing

OziNative Clothing is a clothing manufacturer based in Melbourne which manufactures clothing and accessory items made from the hides of Australian native animals, including emus, kangaroos and wallabies.

  Tumor microenvironment-mediated construction

QUESTION DETAILS:Tumor Microenvironment-Mediated Construction/ Drug Delivery for targeting tumors I will be providing

  Case study-describe your approach to care

Case Study-Describe a method for providing both the patient and family with education and explain your rationale, Provide a teaching plan (avoid using terminology that the patient and family may not understand).

  The social economy: finding a way between market and state

Write 900 word summary for given case study. Summary should be less than 20%, more on your personal reflection and opinion.

  Identify the technology barriers to the company

Perform research - Identify the hard and soft technology used for both the domestic and global environments. This is not about computers or software; see lesson plan for details and remember to incorporate critical thinking (see resources).

  How to analyze ethical issues

How to analyze ethical issues; feel free to conduct your own research to learn more about these ethical issues - prepare to lead the next staff training

  Define scope of the challenges De Beers face

CASE STUDY - De Beers Group: Marketing Diamonds to Millennials. Define scope of the challenges De Beers face in relation to marketing to Millennials

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd