User Account

All Pages

What types of items would you seize

Assignment Help Management Information Sys
Reference no: EM131709072

You have learned what digital evidence is, not in the physical sense but in the legal sense, and then what steps you should take to identify and collect it.

To summarize the evidentiary information from the readings, there are four basic classifications of evidence that can be applied to items of potential investigative value:

Testimonial Evidence - Testimony or a statement provided by an individual detailing what they observed or experienced (through any of their senses). For example, a witness may have heard tires screech and a loud crash but not actually have seen the accident. In this example, even though he didn't actually see the crash, witness's testimony is still valuable - it can help pinpoint the time of a crash, determine the number of vehicles involved, or speak to the lighting conditions or weather conditions were at the time of the accident.

Testimonial evidence can be significant as either direct or corroborating evidence. In addition, expert testimony can be provided that allows a subject matter expert (vetted and accepted by the court) to offer opinions and interpretations (e.g., context) of other evidence that has been or will be presented.

Real Evidence - Physical evidence. Examples would be a murder weapon, a hard disk drive, fingerprints, blood or other bodily fluids, clothing, stolen property, etc.

Documentary Evidence - Documents (such as records, checks, or photographs) that are like real evidence in that it may be a physical item (e.g., printed material), but documentary evidence is also the results of the analysis of documents or records to show a pattern of behavior. For example, you examine (and create) potential documentary evidence each time you balance your checkbook.

Demonstrative Evidence - Evidence that utilizes or requires a demonstration, such as the use of a chart or map, to help prove what happened. Demonstrative evidence is most often created by an expert witness; an example might be using a dummy to show how a person was standing when he was shot, or it could be a flow chart showing how money was moved between different accounts.

All four types of evidence could be and frequently are used together in court to prove or disprove the facts of a case.

Readings in Week 2 discussed search and seizure or the ability to retrieve evidence. Over the past two weeks, many of you have mentioned search warrants in your discussions. The Fourth Amendment to the U.S. Constitution (and the Supreme Court's subsequent interpretations thereof) requires that before a search can be conducted and evidence can be seized, the Government must obtain a search and seizure warrant (based on probable cause) from an impartial magistrate.

However, there is no requirement for a private person or organization to obtain a search warrant or work under the same constraints. Further, the line can be blurred, as a private person or organization that searches property or seizes evidence (not needing a warrant) could subsequently turn it over to the Government.

In fact, they could do so even if the search was not legal under the Constitution, or even if they did not have the right to enter the place to be searched or committed civil trespass. Although it may seem counterintuitive and like a severe violation of individual rights, the only time the Fourth Amendment applies to a private party is if the private party is acting as an agent for the Government or law enforcement (such as a Government contractor or a citizen asked by a police detective to gather information for a specific purpose or investigation).

There are, of course, exceptions to the requirements on the Government to obtain a search warrant prior to searching or seizing evidence. For example, the Government would not need a search warrant when a person with proper authority gives consent to conduct the search (e.g., the company CEO gives permission to search company servers for company data).

Another exception is when there are exigent circumstances present that, if the time was taken to obtain a proper warrant, could result in the destruction of evidence or harm to another person; however, it should be noted that searches undertaken due to exigent circumstances must be followed-up with a legally obtained warrant as soon as the exigent circumstance has been effectively neutralized).

Exigent circumstances could come into play in a digital evidence case when (for example) the owner of a computer likely containing digital evidence knows of the investigation and could delete the evidence from his storage devices before a warrant could be obtained. However, while the storage devices could most likely be seized without a warrant to prevent data destruction, this exigent circumstance is not a valid reason to conduct a forensic analysis of the storage media and a warrant should be obtained immediately.

If evidence is not seized properly it may not be admissible in court. Therefore, it is important to know the rules governing what you can and cannot do (whether you are a private entity or an instrument of the Government), as well as being able to explain why you took the steps you did in order to sufficiently articulate your actions (from a legal perspective). This is also helpful in minimizing any potential civil liability.

After you seize a computer or device and have obtained the proper authority to conduct a search of the contents, you must then be able to testify that your next steps were forensically sound and within the scope of your search authority (whether granted by consent or warrant).

Unless special precautions are taken, you risk changing digital data on a device each time you access it. For this reason, it is important you avoid conducting an analysis of an original (evidence) device (such as the suspect's hard drive removed from his computer), but instead make a forensically sound copy (i.e., a bit-for-bit copy of the original made without altering the original data, often accomplished with the use of a tool called a write-blocker) suitable for examination.

In the readings, you will have read discussions of common tasks facing a digital investigator, such as identifying different types of devices you should look for when conducting a search; as well as the preservation and analysis of those devices.

For this week's discussion, complete the following two scenario questions below in detail. Please discuss thoroughly and substantively in your post. Additionally, respond in a thorough, substantive, intelligent way to at least one of your fellow classmates that adds to our discussion and learning of this week's topic!

1.) You are a digital forensic examiner and have been asked to examine a hard drive for potential evidence. Give examples of how the hard drive (or the data on it) could be used as (or lead to the presentation of) all four types of evidence in court; testimonial, real, documentary, and demonstrative. If you do not believe one or more of the types of evidence would be included, explain why not.

2.) You have been asked to assist a law enforcement team serving a search warrant related to a child pornography investigation. You are the digital forensic expert for the team, and, as such, have been assigned the task of identifying and collecting the digital evidence at the search location. Answer the following questions about your assignment.

What steps should you take before the search to serve the search warrant?

What types of evidence should you be on the alert for, when searching the residence?

What types of items would you seize?

Reference no: EM131709072

Questions Cloud

What academic discipline can best help a person : According to the video clip you watched, "Life Meaning", what is the Purpose of Human Life
Develop a set of recommendation for the company : If you think that it does not, then, develop a set of recommendation for the company so that they follow the framework criteria.
Examine the importance of police patrol in modern policing : Examine the importance of police patrol in modern policing. Identify at least two quality of life issues that permeate modern law enforcement practices.
Responsibilities for three major areas : With that being said, an HR department has responsibilities for three major areas. Which are those three areas?
What types of items would you seize : What steps should you take before the search to serve the search warrant?What types of evidence should you be on the alert for, when searching the residence?
What will be the ph of the final mixture : If 6 volumes of 12 mM KOH are mixed with 1 volume of 45 mM H3PO4, what will be the pH of the final mixture
Equal employment opportunity initiatives-affirmative action : What is the difference between Equal Employment Opportunity initiatives, Affirmative Action initiatives and Diversity initiatives in organizations?
Dealing with the collection of a sales tax : Dealing with the collection of a sales tax, wholesalers are:
Different types of common organizational structure : Please consider the different types of common organizational structure discussed in this chapter.

Reviews

Write a Review

Management Information Sys Questions & Answers

  Tour operator agency database

Tour Operator Agency Database

  How it makes the companys business processes cheaper

Describe how IT makes the company's business processes faster, cheaper, more accurate, and customer-savvy than that of competitors.

  The information assurance

I have worked in the information assurance (IA) arena for well over a decade. But as happens to many professionals, I worked in one sector only. I became used to the specialized controls that only affected a small segment of the IA population in term..

  Describe wi-fi and telecommuting

Describe Wi-Fi and telecommuting. What are the issues associated with allowing this technology to access the organization's network

  Ppq parts manufacturing best software for mrp crp and erp

ppq parts manufacturing best software for mrp crp and erp needsas part of the management team for ppq parts

  Summary paragraph or abstract at the beginning of the report

Write a 4 to 5 page report focusing on the advantages and disadvantages of Business Continuity Planning in a financial organization under the Incident Command System. Make sure you include the following: a summary paragraph/abstract at the beginni..

  Fasb codification system provides the accountant with a

fasb codification system provides the accountant with a vast array of information related to accounting issues. assume

  A recipient of pmis project of the year award

Write a one-page paper summarizing a winning project, focusing on how the project manager and team used good project management practices.

  The effect of challenges on the use of internethow might

the effect of challenges on the use of internethow might cultural political or geoeconomic challenges affect a global

  Evaluate the computer forensics tools needed

Developing a plan for a computer forensics lab first requires you to create a business case to present to upper management for approval. Evaluate the computer forensics tools needed.

  What is a denial of service attack

What is identity theft?- What does a key logger do?-  What is spyware?-  What is a denial-of-service attack?

  Benefits of internal property management systems

What are the features and benefits of internal property management systems versus external global distribution systems? How do they compare? Which one offers the best overall competitive advantage

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd