User Account

All Pages

What is the value of the evidence to the investigation

Assignment Help Case Study
Reference no: EM132998783

Question: Coffee is defined as a "a hot drink made from the roasted and ground seeds (coffee beans) of a tropical shrub". In Australia, it is illegal to be in possession of any digital content related to coffee, coffee beans or information on the process of making coffee. As a result, accessing, owning, or distributing digital content relating to "coffee" is a criminal offense.

Josh claims to have witnessed a work colleague (Bob) viewing coffee content on a work computer. The allegation was escalated to management, who subsequently escalated the allegation to law enforcement. Following the approval of formal warrants, Bob's computer was seized by law enforcement and transported to the Cyber Crime Centre (CCC).

The computer's hard disk was acquired using AccessData FTK Imager. Unfortunately, the junior investigator who acquired the computer's hard disk only performed a logical acquisition. The CCC is currently in lockdown due to COVID-19, so all employees are completing investigations remotely and thus at this stage, a subsequent full-disk acquisition cannot be undertaken. Given the time-critical nature of the case, an investigation will need to be undertaken on the acquired data, that is currently available. The following list of facts have been produced for this investigation.

• The suspect, Bob, denies accessing "coffee" content on the computer.
• Bob is technically skilled and alleges he has been setup. Bob claims that malware and RDP access to his computer may have resulted in the presence of content.
• Bob confirmed that the computer does belong to him.
• Bob confirmed that he did not use a password onto his computer.
• Bob confirmed that he does not take the computer home.
• Bob backs up his Apple iPhone to the work computer via iTunes.
In addition to initial allegation, prior accumulated intelligence reports suggest that Bob may have been working with an insider - who works for law enforcement. A USB stick may have been physically handed to Bob. The USB stick contained a classified document on COVID-19 and a confidential video of a Bugs Bunny cartoon. As part of the investigation, it is critical to determine if the USB drive was ever connected to Bob's computer and were either of the files copied and subsequently shared with others.
You are a newly hired consultant who specialises in digital forensic investigations. As your very first investigation, you have been assigned the task of examining a forensic image of the computer that was seized. It is currently not known what Bob was doing with the coffee content. Your task is to forensically investigate the supplied forensic image using appropriate tools and processes, and develop a formal forensic report encompassing the evidence and methodology used. You may use any tools to undertake the investigation, but you must formally justify and document all of your actions. The recommended report structure is as follows:
• Evidence/content - 30%
• Running sheet - 60%
• Timeline of events 10%.
As a result, the running sheet is the most important component of your report. You may or may not find all evidence and items of interests in the supplied forensic image. Thus, you should focus on carefully documenting end explaining the methods you used to locate evidence and analyse their value within this investigation.
Sometimes it can be tricky to visualise how unit content comes together to form a finalised assessment. To assist you, a redacted version of a previous assessment has been provided. The supplied assignment has significant room for improve, the assignment exemplar should enable you to better understand how an assignment could be structured. You should only use this assignment exemplar to assist you in preparing your final assignment. Your final assignment and work should be your own. Incorporating your own perspective and creative aspect. Using the content from within the unit, your final forensic report for the unit must adhere to the following structure;
• Cover page - unit code and title, assignment title, student name, number, campus and tutor.
• Table of contents - An accurate reflection of the content within the report, generated automatically in Microsoft Word
• Summary - A succinct overview of the report. What were you looking for? How did you approach the investigation? What did you do? What did you find? What is the outcome of the investigation? Use numbers and/or statistics to support or extend the extent of any crimes that have been committed. Keep the summary to a maximum of 1 page.
• Issue #1: Presentation of content relating to offence - A detailed representation of all content identified, extracted and analysed in the investigation. All evidence must be characterised, explained and examined. What metadata exists? What is the value of the evidence to the investigation? What does each piece of evidence mean? Does the evidence support or negate the allegations made? Consider how you will present the evidence. Do not make the mistake of making issue #1 the majority of your report.
• Issue #2: Identification - Detail all information relating to possible use/ownership of the evidence identified and extracted. How can you link the evidence to a particular owner? Is there any digital evidence that demonstrates ownership of the device or content?
• Issue #3: Intent - Was the digital content purposefully accessed/used/downloaded/installed? Was it accidental? Was it a third party? Was it malicious software? Present all evidence to support your theory.
• Issue #4: Quantity of files - How many files of every type were present on the system? What percentage of these files relate to the offence? What does this mean for the overall investigation?
• Issue #5: Installed Software - What applications are installed that relate to the investigation? What purpose do these applications serve? Have they been used/run? What are the dates/times the application was last used? What impact do these applications have on the investigation?
• Issue #6, 7, etc. - Any other evidentiary sections that do not full under the other issue headings.
• Appendix A: Running sheet - A comprehensive running sheet (recipe) of your actions in investigating the case study. The running sheet should be presented in table form. What did you? How did you do it? What was the outcome of your action? The running sheet should be more detailed than a ‘recipe' and allow someone to replicate your process and achieve the exact same outcome.
• Appendix B: Timeline of events - A comprehensive and chronological order of events representing the actions that resulted in the illegal activity taking place, and the events thereafter. Be creative in how you present this data. Consider what is important to include and what serves no purpose.

Please make sure you attach videos and screenshots of how you will demonstrate the running sheet.

Reference no: EM132998783

Questions Cloud

Draw the timeline and set out the cash inflow : Draw the timeline and set out the cash inflow, cash outflow and net cashflow for each year. Bulla Dairy Foods is considering buying a new production line.
Describe three process structures in services in production : Describe and highlight the differences among the three process structures in services in production and operations management. (Front office, Hybrid office)
What risks are the transferring to the employee : When an employer switches from a Defined Benefit Plan (DB) to a Defined Contribution Plan (DC), what risk(s) are they transferring to the employee?
What key reason do opponents of trailer fees provide : According to the article Banning fund trailer fees: The latest arguments for and against, what key reason(s) do opponents of trailer fees provide?
What is the value of the evidence to the investigation : What is the value of the evidence to the investigation? What does each piece of evidence mean? Does the evidence support or negate the allegations made
Why is charging a fee as a percentage of investment assets : Why is charging a fee as a percentage of investment assets a challenge when servicing a book of clients mostly composed of retirees?
What is an advantage associated with job rotation : Once a month employees rotate jobs. Florence is surprised and wonders why the company does this. What is an advantage associated with job rotation?
Which human resources activity does the scenario describe : Which human resources activity does this scenario describe? Valentina, a hiring manager, forms a pool of qualified candidates for a manager position
Identify the name of the probable mechanism : Identify the name of the probable mechanism - drawn in the mechanism must clearly show the configuration at the chiral carbon

Reviews

len2998783

9/26/2021 11:52:05 PM

Do you have any expert digital forensic?? Because it''s very tough job

Write a Review

Case Study Questions & Answers

  From the scenario, prioritize the attributes of golds reling

From the scenario, prioritize the attributes of Golds Reling's brand from the brand map presented in the scenario according to the attributes that you believe would be most important to the new tablet's target market. Provide support for your respons..

  Discuss critically infosys current and future strategy

Discuss critically Infosys current and future strategy. What advice would you give Kris Gopalakrishnan and KShop has resulted in information overload among staff. What operational measures would you suggest to overcome such challenges?

  Review tarmac business case for diversity

Review Tarmac's Business Case for Diversity and the Learning Resources. Think about Tarmac's approach to managing diversity and how it relates to organisational behaviour concepts and human resource processes.

  Enron case shared activity

Enron was the first nationwide natural gas pipeline network in the United States. As the company grew, executives shifted the company's primary focus from energy delivery and infrastructure to investing in the stock market.

  Ebay inc internet success or fairy tale

Read the case study "eBay Inc.: Internet Success or Fairy Tale? "and answer the question below,   Use the 2002 financial statement data to replicate the Meyer's report calculations that illustrate the conclusion based on the 2001 data reached in the ..

  Mintendo game girl case study

Which option delivers the maximum profit for the supply chain: Sandra's plan, Bill's plan, or no promotion plan at all? How does the answer change if a discount of $10 must be given to reach the same level of impact that the $5 discount received?

  Splash soft drinks case study

Splash Soft Drinks Inc. (SSD) has recently achieved sales that exceeded its expectations after it introduced a new beverage that was greatly welcomed by their customers. The company is currently considering opening a new plant to which some of the pr..

  Details of the task using tesco plc

Details of the task Using Tesco plc (www.tesco.com) as a case study, prepare a report of no more than 2,500 words that:

  What are the common manifestations of alcoholic cirrhosis

What are the common manifestations of alcoholic cirrhosis? Which of these are secondary to hepatocellular failure? Which are secondary to portal hypertension?

  Judge the extent to which the marketing plan at just us

From the case study, judge the extent to which the marketing plan at Just Us! is outdated. Propose two (2) ways that Just Us! could improve the customer experience and thus sustain future growth.

  Read natasha kingery case and answer the questions

Read the DATA CASE on pages 126-127 about Natasha Kingery who is considering furthering her education and is seeking financial advice. Determine the interest rate she is currently earning on her inheritance by going to Yahoo!

  Identify the relevant facts of the case study

Imagine you are the financial controller of XYZ Ltd a corporation that is a very large donor to HOHO. You have recently become aware that its TV advertising has resulted in the charity violating the 25% expenditure ratio for its charity drive.    Id..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd