Digital Forensic Analysis Report
Added on 2023-01-10
11 Pages2371 Words86 Views
Running head: Digital Forensic 1
Digital Forensic
[Author Name(s), First M. Last, Omit Titles and Degrees]
[Institutional Affiliation(s)]
Author Note
[Include any grant/funding information and a complete correspondence address.]
Digital Forensic
[Author Name(s), First M. Last, Omit Titles and Degrees]
[Institutional Affiliation(s)]
Author Note
[Include any grant/funding information and a complete correspondence address.]
Running head: Digital Forensic 2
Executive Summary
The accompanying report was directed by CEO of Flashbill. My responsibility is to take
the proof gathered by the team and report convey actualities that would appear to be significant
the investigation. All the chain of custody procedure have been done to ensure the exhibits are
not tampered with. The report shows there is with reasonable doubt that the two colluded to steal
company’s intellectual property
Case Details
Flash bills CIO' Randal Simpson and Desert Oasis Funding lead developer Sarah Jensen
are being explored under the dread that they might have colluded to sell exclusive organization
data to the rivals in return for an occupation elevation
PC and Forensic Tool Statistics
The PC of CIO was expelled from its situation in Flashbill premises at 4/12/04 8:27:03
PM where it was trucked out to a close-by secure crime scene investigation office. The laptop
underwent a forensic audit. The hard drive image was taken by Encase,a tool good in forensic
audits. This program has a good reputation of providing the accurate hash of harddrive under
investigation to reduce breach of chain of custody by investigation team (Rowell & Potvin,
2015).
Examination
The following section details the start by start procedure done to come to the conclusion
of possible Intellectual property theft.
Logged case-> create a mirror by (C:\forensicsfile\winlabencase.image) by going to File -> Add
Device, clicking sessions, and tapping on including the proof record (Cohen, 2015).
Executive Summary
The accompanying report was directed by CEO of Flashbill. My responsibility is to take
the proof gathered by the team and report convey actualities that would appear to be significant
the investigation. All the chain of custody procedure have been done to ensure the exhibits are
not tampered with. The report shows there is with reasonable doubt that the two colluded to steal
company’s intellectual property
Case Details
Flash bills CIO' Randal Simpson and Desert Oasis Funding lead developer Sarah Jensen
are being explored under the dread that they might have colluded to sell exclusive organization
data to the rivals in return for an occupation elevation
PC and Forensic Tool Statistics
The PC of CIO was expelled from its situation in Flashbill premises at 4/12/04 8:27:03
PM where it was trucked out to a close-by secure crime scene investigation office. The laptop
underwent a forensic audit. The hard drive image was taken by Encase,a tool good in forensic
audits. This program has a good reputation of providing the accurate hash of harddrive under
investigation to reduce breach of chain of custody by investigation team (Rowell & Potvin,
2015).
Examination
The following section details the start by start procedure done to come to the conclusion
of possible Intellectual property theft.
Logged case-> create a mirror by (C:\forensicsfile\winlabencase.image) by going to File -> Add
Device, clicking sessions, and tapping on including the proof record (Cohen, 2015).
Running head: Digital Forensic 3
Set time zone -> Modify Time Zone. From the accompanying screen, We altered the
timezone to be the same with the current location time zone. This is important in getting accurate
logs We then stored recovered files int -> Recover Folders (Nuix, 2014).
The image was scripted in EnCase V4. Click view -> Scripts and chose the start Case
content which provoked me to enter data of the examiner and individual directories in the
examination (Vincze, 2016). Once scripted, the result was stored, and bookmarked. We
additionally expected to check which data we would need in the present. Data such as last
shutdown, timestamp was recorded (Johnson, 2013).Details of laptop include 32bit OS, 250GB
hardrive, windows 7 OS.This was critical in analysis
Set time zone -> Modify Time Zone. From the accompanying screen, We altered the
timezone to be the same with the current location time zone. This is important in getting accurate
logs We then stored recovered files int -> Recover Folders (Nuix, 2014).
The image was scripted in EnCase V4. Click view -> Scripts and chose the start Case
content which provoked me to enter data of the examiner and individual directories in the
examination (Vincze, 2016). Once scripted, the result was stored, and bookmarked. We
additionally expected to check which data we would need in the present. Data such as last
shutdown, timestamp was recorded (Johnson, 2013).Details of laptop include 32bit OS, 250GB
hardrive, windows 7 OS.This was critical in analysis
Running head: Digital Forensic 4
First, we set dictionary of words to use. Realizing what words to begin looking for could
enable us to load unnecessary data (Mendell, 2013). The scrips result contained like: Flatbill
company and Desert Oasis . With this rundown, we made a watchword list by tapping on View -
> Keywords. we right-clicked Keywords -> Add New Folder. I named the directory PSmith
Keywords. When the directory was made we then right tap the PSmith Keywords organizer ->
Insert Keyword List. The rundown box gets put away with the watchwords recently referenced.
The new catchphrases were then chosen and an inquiry was performed by going to Search at the
top.
The hunt was done under the accompanying criteria: look each record for watchwords,
seek document slack and chose catchphrases as it were (Haggerty, Haggerty, & Taylor, 2014).
The table underneath demonstrates the statistical findings of the audit.
With such huge numbers of hits for Flashbill and Desert Oasis, we presumed that the audit was
progressing nicely. We began with the littlest and stirred way up. Advancement's outcomes were
only a spam email. The records found under Flashbill company were venture documents and
some email objects (Pedneault & Davia, 2009). Now we were increasingly intrigued by proof
identifying with some sort of contact between Randal and Sarah (Moss, Endicott-Popovsky, &
First, we set dictionary of words to use. Realizing what words to begin looking for could
enable us to load unnecessary data (Mendell, 2013). The scrips result contained like: Flatbill
company and Desert Oasis . With this rundown, we made a watchword list by tapping on View -
> Keywords. we right-clicked Keywords -> Add New Folder. I named the directory PSmith
Keywords. When the directory was made we then right tap the PSmith Keywords organizer ->
Insert Keyword List. The rundown box gets put away with the watchwords recently referenced.
The new catchphrases were then chosen and an inquiry was performed by going to Search at the
top.
The hunt was done under the accompanying criteria: look each record for watchwords,
seek document slack and chose catchphrases as it were (Haggerty, Haggerty, & Taylor, 2014).
The table underneath demonstrates the statistical findings of the audit.
With such huge numbers of hits for Flashbill and Desert Oasis, we presumed that the audit was
progressing nicely. We began with the littlest and stirred way up. Advancement's outcomes were
only a spam email. The records found under Flashbill company were venture documents and
some email objects (Pedneault & Davia, 2009). Now we were increasingly intrigued by proof
identifying with some sort of contact between Randal and Sarah (Moss, Endicott-Popovsky, &
End of preview
Want to access all the pages? Upload your documents or become a member.