User Account

All Pages

What is the value of the evidence to the investigation

Assignment Help Case Study
Reference no: EM131692712 , Length: 25

Background

In the state of Western Australia it is illegal to access, own or distribute digital content relating to ‘cats'.Jane, the network administrator for the Daily Planet was reviewing network traffic logs when shenoticed that an employee may have been accessing digital content relating to cats. The network administrator informed their line manager (Ash), and Ash notified the police. A junior police officerattended the company's premises and assessed the network traffic logs,confirming that there is a high probability that digital content relating to cats had been accessed via a computer owned by an individual named Clark. Police obtained the necessary documents and seized the equipment relating to the allegation.

The suspectClark was formally interviewed and denied accessing any content relating to cats. To date, Clark does not have a criminal record.Paul Ekman was coincidentally onsite during the interview, and was asked to examine the video of the interview. Paul made a statement suggesting that Clark's micro facial expressions didn't quite "add up". Clark was interviewed again, but this time used the malware defence.Paul Ekman and the forensic investigators concluded that "something wasn't quite right", and they concluded that this would be a suitable challenge for you, the new recruit within the department.

You have been assigned the task of examining a "forensic image"of the suspect'slaptop which was seized with the appropriate warrants and imaged using forensically sound practices.At this point in time, there is insufficient evidence to make any generalisations or conclusions regarding the case. The network logs conclusively suggest that Clark's computer was used to access the illegal content.

Unfortunately, the junior forensic investigator who obtained a "forensic image" of the computer only performed a logical acquisition. To make matters worse, the junior investigator accidently, securely wipe the laptop's entire hard drive. Fortunately, the logical acquisition was undertaken in a forensically sound manner and can still be used within the investigation. The MD5 hash of the forensic image is "044288459e2fd193e446eec8de0acdd9".

Task
Your task is to investigate the suppliedforensic image using appropriate tools and forensic process and to develop and submit a written report on your findings. You may use any tools to undertake the investigation but you must justify all of your actions!

Report Structure

Cover Page
Unit code and title, assignment title, your name, student number, campus and tutor's name

Table of Contents
This must accurately reflect the content of your report and must be generated automatically in Microsoft Word with page numbers.

Summary
A succinct overview of the report. What were you looking for? How did you approach the investigation? What did you do? What did you find? What is the outcome of the investigation? Use numbers to support or extend the extent of any crimes that have been committed.

Issue #1 - Presentation of content relating to offence
A detailed representation of all content identified, extracted and analysed in the investigation. All evidence must characterised, explained and examined. What is the value of the evidence to the investigation? What does each piece of evidence mean?

Issue #2 - Identification
Detail all information relating to possible use/ownership of the evidence identified and extracted. How can you link the evidence to a particular owner? Is there any digital evidence which demonstrates ownership of the device or content?

Issue #3 - Intent
Was the content of interest purposefully accessed, downloaded, installed etc.? Was it accidental? What it a third party? Was it malicious software? Present all evidence to support your theory.

Issue #4 - Quantity of Files
How many files of every type were present. What percentage of these files relate to the offence? What does this mean for the overall investigation?

Issue #5 - Installed Software
What are the installed application relating to the investigation? What purpose do these application serve? Have they been used? Dates/times the application was used? What impact do these applications have on the investigation?

Additional Task Information
- Start early and plan ahead, you may need to spend some time experimenting with various tools. If a tool or method fails to result in a successful outcome you should still document this action in your running sheet.Each tool has its own strengths and limitations.
- Each report will be unique and presented in its own way.
- Scrutinise the marking key, and ask any questions you may have EARLY in the semester!
- Look for clues/hints in the investigation. Strategically placed clues/hints have been created in this fictitious case study to help you along the way.
- It is not expected that you find every piece of evidenceand nor do you have to. Furthermore, should there password protected or encrypted content - you do not necessarily have to break/decrypt it to successfully progress with the investigation.
- Remember to ensure the integrity of the image being investigated. You should continually demonstrate that you have maintained integrity throughout your investigation.
- Consider what you are trying to find and what you need to negate. The background information of this document, provides carefully developed clues.

Reference no: EM131692712

Questions Cloud

Evaluate the likelihood of traditional corporations : Evaluate the likelihood of traditional corporations using social responsibility as an effective competitive strategy
Probability that sample mean will fall in population mean : An economist wishes to estimate the average family income in a certain population. The population standard deviation is known to be $4,500, and the economist.
Discuss a secondary positive reinforcer : discussion post participation. Using your rubric, evaluate your own overall participation in the discussion forums during this course
Explain how decision style can effect on the decision : Explain how decision style can effect on the decision makers think and react to a problem
What is the value of the evidence to the investigation : Forensic Investigation Case Study - What is the value of the evidence to the investigation? What does each piece of evidence mean
What are the principles and techniques of debriefing : What are the principles and techniques of debriefing? Identify the global initiatives for improving international crisis intervention services?
Find the proportion of all mutual funds : Determine the probability that another random sample would lead to a sample proportion as low as or lower than the one obtained by the analyst.
Indicate the number of operands for instruction : Assign opcodes and indicate the number of operands for each instruction. When your instructions are stored in memory
Reflect on insights you had while creating the rubric : Reflect on insights you had while creating the rubric and while evaluating your own performance using the rubric

Reviews

len1692712

10/26/2017 8:02:03 AM

APA Referencing Style to be followed Images have to be downloaded: unit computer ,forensics assessments section. Have to find 16 Evidences from the Images & explain how the evidences were found (Have asked the client to share the Login Link) Use software autopsy for finding evidences

len1692712

10/26/2017 7:57:45 AM

The submission must be a Microsoft Word document.You are only submitting 1 document through blackboard.You do not need an ECU assignment cover sheet.Do not submit more than 1 document as these will not be assessed. Late submission If you submit your assignment after the due date, then you will be penalised in accordance with the standard ECU regulations of 5% of the maximum mark, for every work day that your assignment is late. If your assignment is submitted more than 5 days late, then you will be awarded a mark of 0 for the assignment.

len1692712

10/26/2017 7:57:21 AM

Marking Key CRITERIA MARK Evidence (20 marks) ‘Issues’ are adequately populated with appropriate evidence /8 Evidence is characterised (filenames, sector locations, file extensions, metadata, hashes, dates/times, allocation status etc.) /8 Evidence has beenexplainedand analysed appropriately /4 Method and Timeline (20 marks) Comprehensive running sheet with clearly defined aims, methods and results /8 Clear use of forensic process which is repeatable and reproducible /6 Accurate and professional timeline of evidence /6

Write a Review

Case Study Questions & Answers

  From the scenario, prioritize the attributes of golds reling

From the scenario, prioritize the attributes of Golds Reling's brand from the brand map presented in the scenario according to the attributes that you believe would be most important to the new tablet's target market. Provide support for your respons..

  Discuss critically infosys current and future strategy

Discuss critically Infosys current and future strategy. What advice would you give Kris Gopalakrishnan and KShop has resulted in information overload among staff. What operational measures would you suggest to overcome such challenges?

  Review tarmac business case for diversity

Review Tarmac's Business Case for Diversity and the Learning Resources. Think about Tarmac's approach to managing diversity and how it relates to organisational behaviour concepts and human resource processes.

  Enron case shared activity

Enron was the first nationwide natural gas pipeline network in the United States. As the company grew, executives shifted the company's primary focus from energy delivery and infrastructure to investing in the stock market.

  Ebay inc internet success or fairy tale

Read the case study "eBay Inc.: Internet Success or Fairy Tale? "and answer the question below,   Use the 2002 financial statement data to replicate the Meyer's report calculations that illustrate the conclusion based on the 2001 data reached in the ..

  Mintendo game girl case study

Which option delivers the maximum profit for the supply chain: Sandra's plan, Bill's plan, or no promotion plan at all? How does the answer change if a discount of $10 must be given to reach the same level of impact that the $5 discount received?

  Splash soft drinks case study

Splash Soft Drinks Inc. (SSD) has recently achieved sales that exceeded its expectations after it introduced a new beverage that was greatly welcomed by their customers. The company is currently considering opening a new plant to which some of the pr..

  Details of the task using tesco plc

Details of the task Using Tesco plc (www.tesco.com) as a case study, prepare a report of no more than 2,500 words that:

  What are the common manifestations of alcoholic cirrhosis

What are the common manifestations of alcoholic cirrhosis? Which of these are secondary to hepatocellular failure? Which are secondary to portal hypertension?

  Judge the extent to which the marketing plan at just us

From the case study, judge the extent to which the marketing plan at Just Us! is outdated. Propose two (2) ways that Just Us! could improve the customer experience and thus sustain future growth.

  Read natasha kingery case and answer the questions

Read the DATA CASE on pages 126-127 about Natasha Kingery who is considering furthering her education and is seeking financial advice. Determine the interest rate she is currently earning on her inheritance by going to Yahoo!

  Identify the relevant facts of the case study

Imagine you are the financial controller of XYZ Ltd a corporation that is a very large donor to HOHO. You have recently become aware that its TV advertising has resulted in the charity violating the 25% expenditure ratio for its charity drive.    Id..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd