Reference no: EM13701001

Problem Description

During a criminal case investigation, a computer was taken as part of the evidence. The computer was found with a flash drive connected to one of the USB ports. It is suspected that this flash drive contains image files relevant to the case. Preliminary investigation revealed that the owner of the computer had the chance to delete some of image files. Other files were renamed so that they do not look like image files. It is also suspected that steganography was used with some of the files to conceal important information. The passphrase used for this purpose is hidden in the device slack space.

You are the computer forensic investigator on duty and are called to process this case. List the general steps and tools required to begin investigation. In addition, because it is a high level profile case, processes must be carefully documented.

Perform and document the following so that the findings are court ready:

Acquire a bit-stream copy from the flash drive
Recover deleted files
Analyze all files (including recovered) using WinHex and look for image files analyzing the file headers
Try to identify image files concealing information (steganography)
Look for the passphrase for steghide stored in the device's slack space (look for: "steghide passphrase")
Recover information with steghide

Outcome

List the general steps and tools required for this exercise.

Report the steps you need to perform these tasks.

***Please be sure to use scholarly resources to support your opinion.

Your full 2-3 page case study report is due at the end of week 5. In addition to the 2-3 pages of the report itself, you must include a title page and a references page. Your title page must include the title of your paper, the date, the name of this course, your name, and your instructor's name. Your references page must be written in APA citation style.

Your report must be meet the following requirements specification:

2-3 pages (double-spaced), excluding the title page, the abstract page (if included), and the references pages.
Use at least two references - you may use your textbook too.
In addition to the required number of pages for the assignment, you must also include a reference page (bibliography), written in APA style, and a title page. Be sure to give all of your papers a descriptive title.
Use APA Style formatting in Arial 11 or 12-point font or Times New Roman styles.
Page margins Top, Bottom, Left Side and Right Side = 1 inch, with reasonable accommodation being made for special situations
Your report must be in your own words, representing original work. Paraphrases of others' work must include attributions to the authors. Limit quotations to an average of no more than 15% of the paper, and use quotations sparingly!

This assignment has the embedded TurnItIn feature turned on. When you submit the report, an originality report will be generated. The report must comply with the acceptable originality criteria displayed in the announcements on Academic Honesty in Week 1 of the course.

Refer to the Evaluation Procedures section in the syllabus for additional information on assignments.