Writing Forensic Investigation Alleged Crime

Forensic Investigation Alleged Crime
Forensic Investigation Alleged Crime

This Forensic assignment targets What the nature of the alleged crime is, and how does the nature of the crime influence a prospective investigation?

  • Based on the limited information provided in the scenario, what is the rationale for launching an investigation that uses computer forensic activities? Would D&B and/or law enforcement need additional information in order to determine if they should proceed with an investigation? Why or why not?
  • What would you share with the client about how investigators prepare for and conduct a computer forensics investigation? Identify three to five key points that are most relevant to this case.
  • What sources of evidence would investigators likely examine in this case? Provide concrete examples and explain your rationale.
  • What should the client, investigators, and others do—or not do—to ensure that evidence could be used in a court of law? Using layman’s terms, explain laws and legal concepts that should be taken into account during the collection, analysis, and presentation of evidence.
  • What questions and concerns do you think the client will have?
  • What questions should the team ask the client to learn more about the case and determine the next steps?

Self-Assessment Checklist

▪    I have effectively documented the causes for investigation.

▪      I have effectively documented key points related to the collection, analysis, and presentation of computer forensic evidence.

▪    I have successfully identified potential sources of evidence.

▪    I have summarized laws and legal concepts that apply to this case.

Forensic Investigation

▪      I have created a professional, well-developed report with proper documentation, grammar, spelling, and punctuation.

Part 2: Analyzing an E-mail Archive for an Electronic Discovery Investigation

Scenario

D&B is conducting a very large electronic discovery (eDiscovery) investigation for a major client. This

case is so large that dozens of investigators and analysts are working on specific portions of the evidence in parallel to save time and improve efficiency.

Since this is the first time you will be working on this type of investigation for D&B, your manager gives you a “test” (a sample e-mail archive) so she can assess whether you need additional training before you begin working with the rest of the team on the eDiscovery case. Your manager tells you that this archive was extracted from a hard drive image marked “suspect,” but at present nothing more is known about the user. She expects you to examine the archive and document all findings that might be of interest to a forensic investigator. She explains that she will use your report to evaluate your investigation skills, logic and reasoning abilities, and reporting methods.

Tasks

  • Review the information about e-mail forensics and the Paraben P2 Commander E-mail Examiner feature in the chapter titled “E-mail Forensics” in the course textbook.
  • Using the P2 Commander E-mail Examiner, create a case file, select Add Evidence, and import the e-mail archive (filename: Outlook.pst). P2 Commander will automatically begin sorting and indexing if you choose that option.
  • Search for information about the user; your goal is to learn as much as possible about who the user is and what he or she has been doing. You may find evidence in the inbox or other mailboxes. You can use the software features to help you keep track of the evidence you identify, for instance, by bookmarking sections of interest and exporting attachments.
  • Write a report in which you:

o Document your investigation methods.

o  Document your findings. Explain what you found that may be of interest to a forensic investigator, and provide your rationale for including each selection.

Forensic Investigation

Required Resources

▪    Course textbook

▪    Outlook.pst file (e-mail archive)

▪    Internet access

Self-Assessment Checklist

▪    I have applied appropriate evidence collection and handling methods.

▪    I have correctly identified and analyzed evidence that is relevant to the investigation.

▪      I have created a professional, well-developed report with proper documentation, grammar, spelling, and punctuation.

Forensic Investigation

Part 3: Analyzing Evidence from Mac OS X

Scenario

Two weeks ago, D&B Investigations was hired to conduct an incident response for a major oil company in North Dakota. The company’s senior management had reason to suspect that one or more company employees were looking to commit corporate espionage. The incident response team went on-site, began monitoring the network, and isolated several suspects. They captured forensic images from the machines the suspects used. Now, your team leader has asked you to examine a forensic image captured from a suspect’s computer, which runs the Mac OS X operating system. The suspect’s name is John Smith, and he is one of the company’s research engineers.

Tasks

  • Review the information on the Mac OS X file structure provided in the chapter titled “Macintosh Forensics” in the course textbook.
  • Using Paraben P2 Commander, create a case file and add the image the incident response team captured (filename: Mac OS JSmith.img).
  • Sort and review the various directories within the Mac OS X image. Look for evidence or indicators that John Smith was or was not committing corporate espionage. This may include direct evidence that John Smith took corporate property, as well as indirect evidence or indicators about who the suspect is and what his activities were during work hours. You can use the software features to help you keep track of the evidence you identify, for instance, by bookmarking sections of interest and exporting files.
  • Write a report in which you:

o Document your investigation methods.

o  Document your findings. Explain what you found that may be relevant to the case, and provide your rationale for each item you have identified as an indicator or evidence that John Smith was or was not committing corporate espionage.

o Analyze the potential implications of these findings for the company and for a legal case.

Required Resources

▪    Course textbook

▪    Mac OS JSmith.img

▪    Internet access

Forensic Investigation

Self-Assessment Checklist

▪    I have applied appropriate evidence collection and handling methods.

▪    I have correctly identified and analyzed evidence that is relevant to the investigation.

▪    I have analyzed business considerations associated with the scenario.

▪    I have analyzed legal considerations associated with the scenario.

I have created a professional, well-developed report with proper documentation, grammar, spelling, and punctuation.

the role and impact of forensic evidence in the criminal justice process,

importance of forensic science in criminal investigation,

importance of forensic evidence in court,

what is digital forensics and how is it used in investigations,

5 steps in a process to collect digital evidence,

what are the problems facing investigations and forensics experts these days,

computer forensics seizing a computer,

collecting digital evidence flowchart,
ediscovery forensics,

digital forensics,

risk management in oil and gas industry,

risk management techniques used in the oil and gas industries,

operational risk in oil and gas industry,

oil and gas industry risk assessment,

risk assessment matrix oil and gas,

safety and risk management in oil and gas industry,

types of risk in oil and gas industry,

Want this paper done for you?

Click the make order link and you will be directly directed to the order page where you will complete the order.