In the state of Western Australia it is illegal to access, own or distribute digital content relating to ‘cats’.Jane, the network administrator for the Daily Planet was reviewing network traffic logs when shenoticed that an employee may have been accessing digital content relating to cats. The network administrator informed their line manager (Ash), and Ash notified the police. A junior police officerattended the company’s premises and assessed the network traffic logs,confirming that there is a high probability that digital content relating to cats had been accessed via a computer owned by an individual named Clark. Police obtained the necessary documents and seized the equipment relating to the allegation.
The suspectClark was formally interviewed and denied accessing any content relating to cats. To date, Clark does not have a criminal record.Paul Ekman was coincidentally onsite during the interview, and was asked to examine the video of the interview. Paul made a statement suggesting that Clark’s micro facial expressions didn’t quite “add up”. Clark was interviewed again, but this time used the malware defence.Paul Ekman and the forensic investigators concluded that “something wasn’t quite right”, and they concluded that this would be a suitable challenge for you, the new recruit within the department.
You have been assigned the task of examining a “forensic image”of the suspect’slaptop which was seized with the appropriate warrants and imaged using forensically sound practices.At this point in time, there is insufficient evidence to make any generalisations or conclusions regarding the case. The network logs conclusively suggest that Clark’s computer was used to access the illegal content.
Unfortunately, the junior forensic investigator who obtained a “forensic image” of the computer only performed a logical acquisition. To make matters worse, the junior investigator accidently, securely wipe the laptop’s entire hard drive. Fortunately, the logical acquisition was undertaken in a forensically sound manner and can still be used within the investigation. The MD5 hash of the forensic image is “044288459e2fd193e446eec8de0acdd9”.
Your task is to investigate the suppliedforensic image using appropriate tools and forensic process and to develop and submit a written report on your findings. You may use any tools to undertake the investigation but you must justify all of your actions!
• Start early and plan ahead, you may need to spend some time experimenting with various tools. If a tool or method fails to result in a successful outcome you should still document this action in your running sheet.Each tool has its own strengths and limitations.
• Each report will be unique and presented in its own way.
• Scrutinise the marking key, and ask any questions you may have EARLY in the semester!
• Look for clues/hints in the investigation. Strategically placed clues/hints have been created in this fictitious case study to help you along the way.
• It is not expected that you find every piece of evidenceand nor do you have to. Furthermore, should there password protected or encrypted content – you do not necessarily have to break/decrypt it to successfully progress with the investigation.
• Remember to ensure the integrity of the image being investigated. You should continually demonstrate that you have maintained integrity throughout your investigation.
• Consider what you are trying to find and what you need to negate. The background information of this document, provides carefully developed clues.
The submission must be a Microsoft Word document.You are only submitting 1 document through blackboard.You do not need an ECU assignment cover sheet.Do not submit more than 1 document as these will not be assessed.
If you submit your assignment after the due date, then you will be penalised in accordance with the standard ECU regulations of 5% of the maximum mark, for every work day that your assignment is late. If your assignment is submitted more than 5 days late, then you will be awarded a mark of 0 for the assignment.
Evidence (20 marks)
‘Issues’ are adequately populated with appropriate evidence
Evidence is characterised (filenames, sector locations, file extensions, metadata, hashes, dates/times, allocation status etc.)
Evidence has beenexplainedand analysed appropriately
Method and Timeline (20 marks)
Comprehensive running sheet with clearly defined aims, methods and results
Clear use of forensic process which is repeatable and reproducible
Accurate and professional timeline of evidence
Forensic Investigation Assignment Help, Online Forensic Investigation Assignment Help, online case study assignment help, case study homework help, best assignment help service, case study assignment writer, business studies assignment help, my assignment help services, professional case study writing services, professional coursework writing service,
Holding a PhD degree in Finance, Dr. John Adams is experienced in assisting students who are in dire need...
55 - Completed Orders
Canada, Toronto I have acquired my degree from Campion College at the University of Regina Occuption/Desi...
52 - Completed Orders
Even since I was a student in Italy I had a passion for languages, in fact I love teaching Italian, and I...
102 - Completed Orders
To work with an organization where I can optimally utilize my knowledge and skills for meeting challenges...
109 - Completed Orders
JOB OBJECTIVE Seeking entry level assignments in Marketing & Business Development with an organization...
202 - Completed Orders
Current work profile Project manager- The Researchers Hub (2nd Jan 2016 to presently working) Researc...
20 - Completed Orders
Sales Assistant, Mito Marina Assigned to the Stationery dept – assisted in merchandising, stock taking...
100 - Completed Orders