Reference no: EM134008577
Digital Forensics
Tutorial 1
Read the enclosed case study (Case Study: famous cases digital forensics) below and answer the following questions. This tutorial also relates to concepts covered in Computer Science and Software Engineering.
Question 1. Discuss your options for acquiring the image.
Question 2. What questions should you ask and how should you proceed?
Question 3. Explain three common types of digital crime.
Question 4. Discuss the acquisition method that can be used.
Question 5. Discuss the options that can be used to recover the file.
Tutorial 2
Case 1
At a murder scene, you have started making an image of a computer's drive. You're in the back bedroom of the house, and a small fire has started in the kitchen. If the fire can't be extinguished, you have only a few minutes to acquire data from a 10 GB hard disk. Write one paragraph outlining your options for preserving the data.
Case 2
You need to acquire an image of a disk on a computer that can't be removed from the scene, and you discover that it's a Linux computer. What are your options for acquiring the image? Write 2-3 paragraphs specifying the hardware and software you would use. Knowledge of Linux and Operating System concepts may support this task.
Case 3
You're investigating a case involving a 2 GB drive that you need to copy at the scene. Write one to two paragraphs describing three options you have to copy the drive accurately. Be sure to include your software and media choices.
Tutorial 3
Read the enclosed case study (Case Study: Email Infidelity in a Computer Forensics Investigation) below and answer the following questions:
1. Discuss your options for acquiring the image.
2. What questions should you ask and how should you proceed?
3. Explain three common types of digital crime.
4. Discuss the acquisition method that can be used.
5. Discuss the options that can be used to recover the file.
Tutorial 4
Case 1
A new start-up SME (small-medium enterprise) based in Luton with an E-government model has recently begun to notice anomalies in its accounting and product records. It has undertaken an initial check of system log files, and there are a number of suspicious entries and IP addresses with a large amount of data being sent outside the company firewall. They have also recently received a number of customer complaints saying that a strange message is often displayed during order processing, and that customers are often redirected to a payment page that does not look legitimate.
The company makes use of a general purpose eBusiness package (OSCommerce) and has a small team of six IT support professionals, but they do not feel that they have the expertise to carry out a full scale malware/forensic investigation.
As there is increased competition in the hi-tech domain, the company is anxious to ensure that their systems are not being compromised, and they have employed a digital forensic investigator to determine whether any malicious activity has taken place, and to ensure that there is no malware within their systems.
Your task is to investigate the team's suspicions and to suggest to the team how they may be able to disinfect any machines affected with malware, and to ensure that no other machines in their premises or across the network have been infected. The team also wants you to carry out a digital forensics investigation to see whether you can trace the cause of the problems, and if necessary, to prepare a case against the perpetrators. Topics associated with Data Communication And Networking and Data Mining are relevant for this investigation process.
The company uses Windows Server NT for its servers. Patches are applied by the IT support team on a monthly basis, but the team has noticed that a number of machines do not seem to have been patched.
Discuss how you would approach the following:
• Malware investigation
• Digital Forensic Investigation
Write a general overview of the methodology that you will use and provide a reasoned argument as to why the particular methodology chosen is relevant.
Write a process that you will use to collect evidence and discuss the relevant guidelines that need to be followed when collecting digital evidence.
Case 2
You're investigating a case involving an employee who has allegedly sent inappropriate photos via email in attachments that have been compressed with a zip utility. As you examine the employee's hard disk, you find a file named Orkty.zip, which you suspect is a graphics file. When you try to open the file in an image viewer, a message is displayed indicating that the file is corrupt. Write one page explaining how to recover Orkty.zip for further investigation.
Case 3
You work for a mid-size corporation known for its inventions that does a lot of copyright and patent work. You're investigating an employee suspected of selling and distributing animations created for your corporation. During your investigation of the suspect's drive, you find some files with the unfamiliar extension .xde. The network administrator mentions that other .xde files have been sent through an FTP server to another site. Write one page describing your findings after conducting an Internet search for this file extension.
Tutorial 5
Read the enclosed case studies below and answer the questions in each case:
Case 1
As part of the duties of a digital forensics examiner, creating an investigation plan is standard practice. Write one to two pages describing how you would organize an investigation into a potential fraud case. In addition, list the methods you plan to use to validate the data collected from drives and files, such as Word and Excel, with hashes. Specify the hash algorithm you plan to use, such as MD5 or SHA1.
Case 2
Several graphics files were transmitted via email from an unknown source to a suspect in an ongoing investigation. The lead investigator gives you these graphics files and tells you that at least four messages should be embedded in them. Use your problem-solving and brainstorming skills to determine a procedure to follow. Write a short report outlining what to do.
Case 3
A drive you are investigating contains several password-protected files and other files with headers that don't match their extensions. Write a report describing the procedures for retrieving the evidence with some of the forensics tools and hexadecimal editors discussed in chapters 8 and 9. Explain how to identify the file headers and determine how their extensions are mismatched. Then discuss what techniques and tools you can use for recovering passwords from the protected files.
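The header-versus-extension check in Case 3 and the hash-based validation in Case 1 of Tutorial 5 (and the first look at a file such as Orkty.zip in Tutorial 4, Case 2) can be scripted for triage. The following is an added example, not part of the tutorial material: the signature table is a short constructed one, the sample files are constructed in a temporary directory, and a real examination would work on a write-blocked image rather than live files.

```python
import hashlib
import os
import tempfile
# Constructed signature table for this example: leading bytes -> extensions that
# legitimately carry them. Real signature databases are far larger than this.
SIGNATURES = {
    b"\xFF\xD8\xFF": {"jpg", "jpeg"},
    b"\x89PNG\r\n\x1a\n": {"png"},
    b"PK\x03\x04": {"zip", "docx", "xlsx"},  # zip container; OOXML Office files too
    b"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1": {"doc", "xls"},  # legacy OLE2 Office files
}

def identify_header(head: bytes):
    """Return the extensions whose signature matches the leading bytes, or None."""
    for magic, exts in SIGNATURES.items():
        if head.startswith(magic):
            return exts
    return None

def hash_file(path: str):
    """Return (md5, sha1) hex digests, hashing in chunks so large files are fine."""
    md5, sha1 = hashlib.md5(), hashlib.sha1()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            md5.update(chunk)
            sha1.update(chunk)
    return md5.hexdigest(), sha1.hexdigest()

def triage(path: str):
    """Hash the file and compare its real header with the extension it carries."""
    ext = os.path.splitext(path)[1].lstrip(".").lower()
    with open(path, "rb") as f:
        detected = identify_header(f.read(16))
    status = "unknown header" if detected is None else ("ok" if ext in detected else "mismatch")
    md5, sha1 = hash_file(path)
    return {"ext": ext, "detected": sorted(detected or []), "status": status, "md5": md5, "sha1": sha1}

def demo():
    """Write constructed sample files to a temp directory and triage each one."""
    samples = {
        "photo.jpg": b"\xFF\xD8\xFF\xE0" + b"\x00" * 20,   # genuine JPEG header
        "notes.doc": b"\x89PNG\r\n\x1a\n" + b"\x00" * 20,  # PNG data renamed to .doc
        "Orkty.zip": b"PK\x03\x04" + b"\x00" * 20,         # zip local-file header intact
        "empty.txt": b"",                                 # nothing to identify
    }
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for name, content in samples.items():
            path = os.path.join(d, name)
            with open(path, "wb") as f:
                f.write(content)
            results[name] = triage(path)
    return results
```

Recording both digests alongside the header verdict gives a per-file line for the evidence log; a file whose header matches no known signature (like empty.txt here) is flagged for manual review in a hex editor rather than assumed benign.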