User Account

All Pages

What approach should john take in examining two computer

Assignment Help Computer Engineering
Reference no: EM133703587

Q 1. Jackson Company manufactures pet supplies for birds and cats. Its top-level staff includes two accountants, a technology coordinator, a production manager, a warehouse manager, an office manager, two sales managers, two assistants, and the CEO. The company's main offices and manufacturing plant in Los Angeles consist of an office building, a plant building, and two small warehouses. All buildings are connected via underground fiber optic cable. The servers, hubs, and routers are stored in the main office building.

The brain behind the IT network includes three server machines, named Washington, Jefferson, and Adams. The Adams server hosts the Mixta accounting system, which processes all internal and external accounting transactions in real time.

A recent audit by a regional accounting firm discovered six customer accounts that could not be traced back to real people. The auditors' confirmations had been returned in the mail, marked "Undeliverable" and with "Invalid Address" stamps. To make things worse, all six accounts had been written off for nonpayment of amounts ranging from $4,200 to $7,000. The discovery was a complete surprise to Sandra Winger, the credit manager, because she always reviewed and personally approved all write-offs over $2,500. She was sure that she had not approved any of these.

Sandra called in Tom Surefoot, a local forensic accountant, to investigate. She was sure that fraud was involved, and she strongly suspected that Betty Beanco, one of the office managers, had somehow gotten into the accounting system and set up the phony customer accounts and had probably sold the written-off accounts on the gray market. Sandra was furious.

"I don't care how much it costs," Sandra told Tom. "I want you to catch that woman. I'm not going to let her get away with robbing me like that."

How could Tom apply computer forensics and other techniques to determine whether or not Betty Beanco should be a suspect?

Jacksons network and the Mixta accounting system are a wonderful place for Mr. Surefoot to begin his investigation. A forensic accountant that can apply computer sciences to their investigation can recover lost data, restore deleted databases or files, identify if the suspect is internal or external and even pinpoint the device used in the fraud. If Jacksons network is secure, it is likely that the fraud is coming from inside the company, this narrows down the list of suspects in the investigation. Once a list of suspects is compiled Tom should conduct background checks and conduct interviews focusing on who would likely fit in the fraud triangle and eliminating suspects accordingly. It would also be prudent of Tom to investigate the "customers" whose accounts have been written off. It is likely that the "customer" is an accomplice to whomever is writing off these accounts.

Q 2 Julia Katchum is in charge of the Eastern Regional Counterterrorism Computer Forensics Unit. Her recent investigations led her to believe that an imminent threat of a terrorist act in the Chicago area exists. She did not know much about the attack except that at least four terrorists were involved, and one of them had just made a phone call from inside the main offices of Stevenson and Barnes International Accounting Firm. Her immediate task was to proceed directly to Stevens and Barnes with an eight-person tactical team including a counterterrorism field officer to apprehend the suspect.

Julia's primary mission was to search the suspect's office and home computers and find any information that could help thwart the attack. It was thought the attack could take place before the day was over.

When Julia and the CTU (counterterrorism unit) team arrived at the accounting firm, only the CTU officer went inside to avoid drawing undue attention.

Inside, the CTU officer surreptitiously spoke to the security guard at the front desk and asked to be escorted to the office of the head of security. Once there, the CTU officer used the building's surveillance cameras to locate the suspect who was in the center of a very large room full of staff accountants working in individual cubicles.

The CTU officer decided against sending in the entire team and to make the arrest alone. There was too big a chance that the suspect could see the team coming at him because of his position in the center of the room. If he saw them coming, he could have time to delete valuable evidence or to notify other terrorists.

The CTU officer worked his way through the cubicles in as casual a way as possible, but when he got half way to his destination, the suspect seemed to identify him and began typing frantically on his computer. When the CTU officer realized what the suspect was doing, he ran the rest of the way and stopped the suspect by pressing his 10mm pistol into the side of the man's head.

The CTU raided the suspect's home at the same moment he was arrested. Just a few minutes later, the officer in charge of that raid delivered the notebook computer to John Dobson, CTU's forensic accountant, as he was just beginning to look over the suspect's computer in the Stevens and Barnes offices.

John noted the following facts:

The suspect's office computer had open an instant messenger program. He could see a piece of a message written in Arabic.
The battery in the home notebook computer was warm, even though it was turned off and not plugged in when it was seized.
What approach should John take in examining the two computers? What are some specific things that he should include in his examination?

Reference no: EM133703587

Questions Cloud

Think of how the human body processes food to energy : Think of how the human body processes food to energy similar to how Petroleum fuels an automobile.
Draw a dfd diagram 0 that shows the revised design : Draw a context diagram for the new C3 system that shows the revised design. Draw a DFD diagram 0 that shows the revised design
What type of information does the team gather : data related to a suspected rogue system on a network. By using passive scanning, what type of information does the team gather
Discuss what nursings role is and should in decision making : After studying Module Lecture Materials & Resources, discuss what the nursing's role is and should be in decision making regarding selecting information systems
What approach should john take in examining two computer : What approach should John take in examining the two computers? What are some specific things that he should include in his examination?
Concerning the principle of separation of duties : Which of the following are accurate statements concerning the principle of separation of duties
Provide examples of experiences from professional practice : GDECE 104- Provide examples of your experiences from professional practice during the placement as a basis for your reflection.
What metric does this scenario represent : A power outage disrupts a medium-sized business, and the company must restore systems from backups. If the business can resume normal operations from a backup
Made in terms of health policy : What do you see as critical changes that will need to be made in terms of health policy in the United States?

Reviews

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd