Digital Forensic Report for M57.biz Organization Case
Create a digital forensic report for a patent search company, focusing on the organization's employees, data security measures, and restrictions on data access and sharing.
26 Pages2973 Words408 Views
Added on 2023-06-01
About This Document
The objective of this project is to create a digital forensic report for the M57.biz organization case. The report covers the methodology, analysis, and findings of the provided forensic image file. The report identifies the leaking design information by using the FTK imager tool. The report also discusses the security issues faced by organizations and the role of digital forensic systems in maintaining data security.
Digital Forensic Report for M57.biz Organization Case
Create a digital forensic report for a patent search company, focusing on the organization's employees, data security measures, and restrictions on data access and sharing.
Added on 2023-06-01
ShareRelated Documents
Forensic Computing
Executive Summary
The main objective of this project is to create the digital forensic report for the provided
case. The m57.biz organization refers to a company of patent search which intends to
researche the patent information for its clients. This organization generally verifies the
novelty of patent for the business of patent searches and for invalidating the a available
patents by determining it priorly. This organization has four employees such as, two patent
researchers, IT administrator and CEO. This firm is planning to hire additional employees at
a later date, once the further clients are booked. The employees of this organization strictly
work onsite and perform the most of the business exchanges through email. Also the
employees work in windows operating system, despite tat their preference varies with
software such as, Thunderbird or outlook. The information of the design is very sensitive and
has great potential value. So, the clients are assigned to only one research staff for one case
and the data copy is not allowed. Moreover, no sharing of contacts is allowed. The contact
and data are strictly forbidden to take data offsite. The information of the pre-patent design is
only on the hard drive of the employee assigned to the clients. Such information’s backup is
performed weekly, by Terry. But, one of the researcher staff (Jo) was leaking the suspicion of
the details for certain patents to the third party organization. So, our cyber security
organization required to identify the leaking design information, by using the forensics tool.
Here, we are using the FTK imager tool to identify the leaking design information. The cyber
security organization was contacted by Mr Pat McGoo, to identifying the concern, where one
of their patent researcher is under suspicion of leaking the design information, for certain
patents to the third party organization. So, the user need to prepare digital forensic report for
this above case and analysis the provided forensic image file.
1
The main objective of this project is to create the digital forensic report for the provided
case. The m57.biz organization refers to a company of patent search which intends to
researche the patent information for its clients. This organization generally verifies the
novelty of patent for the business of patent searches and for invalidating the a available
patents by determining it priorly. This organization has four employees such as, two patent
researchers, IT administrator and CEO. This firm is planning to hire additional employees at
a later date, once the further clients are booked. The employees of this organization strictly
work onsite and perform the most of the business exchanges through email. Also the
employees work in windows operating system, despite tat their preference varies with
software such as, Thunderbird or outlook. The information of the design is very sensitive and
has great potential value. So, the clients are assigned to only one research staff for one case
and the data copy is not allowed. Moreover, no sharing of contacts is allowed. The contact
and data are strictly forbidden to take data offsite. The information of the pre-patent design is
only on the hard drive of the employee assigned to the clients. Such information’s backup is
performed weekly, by Terry. But, one of the researcher staff (Jo) was leaking the suspicion of
the details for certain patents to the third party organization. So, our cyber security
organization required to identify the leaking design information, by using the forensics tool.
Here, we are using the FTK imager tool to identify the leaking design information. The cyber
security organization was contacted by Mr Pat McGoo, to identifying the concern, where one
of their patent researcher is under suspicion of leaking the design information, for certain
patents to the third party organization. So, the user need to prepare digital forensic report for
this above case and analysis the provided forensic image file.
1
Table of Contents
Introduction.........................................................................................................................................3
Methodology Details............................................................................................................................4
Analysis and Findings.........................................................................................................................5
Summary and Conclusion.................................................................................................................23
References..........................................................................................................................................25
2
Introduction.........................................................................................................................................3
Methodology Details............................................................................................................................4
Analysis and Findings.........................................................................................................................5
Summary and Conclusion.................................................................................................................23
References..........................................................................................................................................25
2
Introduction
In this report, the primary objective is to create the digital forensics report for provided
case. The m57.biz organization is a patent search company that, researches the patent
information for their clients. This organization generally verifies the novelty of patent for the
business of patent searches and to invalidate the existing patents by determining it priorly.
This organization has four employees such as, two patent researchers, IT administrator and
CEO. This firm is planning to hire additional employees at a later date, once the further
clients are booked. The employees of this organization strictly work onsite and perform the
most of the business exchanges through email. Also the employees work in windows
operating system, despite tat their preference varies with software such as, Thunderbird or
outlook. The information of the design is very sensitive and has great potential value. So, the
clients are assigned to only one research staff for one case and the data copy is not allowed.
Moreover, no sharing of contacts is allowed. The contact and data are strictly forbidden to
take data offsite. The information of the pre-patent design is only on the hard drive of the
employee assigned to the clients. Such information’s backup is performed weekly, by Terry.
But, one of the researcher staff (Jo) was leaking the suspicion of the details for certain patents
to the third party organization. So, our cyber security organization required to identify the
leaking design information, by using the forensics tool. Here, we are using the FTK imager
tool to identify the leaking design information. The cyber security organization was contacted
by Mr Pat McGoo, to identifying the concern, where one of their patent researcher is under
suspicion of leaking the design information, for certain patents to the third party organization.
Mr. Pat McGoo provides the below information.
Firstly, Jo has become the suspect, so Jo’s work computer was temporarily seized and
the computer hard disk was removed. The forensics image was created by Terry on
December 21st 2009. Jo's subject matter is on PC recreations, there have been no issues with
these licenses until this point. Amusement structure materials would be typical to discover on
the plate. The Wuzbro Toy Company (m57.biz customer and proprietor of toy plans and
licenses) has whined that three ongoing toy structures have had relatively indistinguishable
plans protected by their rivals, Asian Entertainment Corporation. No part of these three plans
must be found on Jo's system and, contingent on the degree of evidence found on Jo's plate,
the accompanying outcomes are conceivable such as, Cautioning and Probation, End of
Employment, Common Lawsuit for Damages and Giving over the case to the nearby police
3
In this report, the primary objective is to create the digital forensics report for provided
case. The m57.biz organization is a patent search company that, researches the patent
information for their clients. This organization generally verifies the novelty of patent for the
business of patent searches and to invalidate the existing patents by determining it priorly.
This organization has four employees such as, two patent researchers, IT administrator and
CEO. This firm is planning to hire additional employees at a later date, once the further
clients are booked. The employees of this organization strictly work onsite and perform the
most of the business exchanges through email. Also the employees work in windows
operating system, despite tat their preference varies with software such as, Thunderbird or
outlook. The information of the design is very sensitive and has great potential value. So, the
clients are assigned to only one research staff for one case and the data copy is not allowed.
Moreover, no sharing of contacts is allowed. The contact and data are strictly forbidden to
take data offsite. The information of the pre-patent design is only on the hard drive of the
employee assigned to the clients. Such information’s backup is performed weekly, by Terry.
But, one of the researcher staff (Jo) was leaking the suspicion of the details for certain patents
to the third party organization. So, our cyber security organization required to identify the
leaking design information, by using the forensics tool. Here, we are using the FTK imager
tool to identify the leaking design information. The cyber security organization was contacted
by Mr Pat McGoo, to identifying the concern, where one of their patent researcher is under
suspicion of leaking the design information, for certain patents to the third party organization.
Mr. Pat McGoo provides the below information.
Firstly, Jo has become the suspect, so Jo’s work computer was temporarily seized and
the computer hard disk was removed. The forensics image was created by Terry on
December 21st 2009. Jo's subject matter is on PC recreations, there have been no issues with
these licenses until this point. Amusement structure materials would be typical to discover on
the plate. The Wuzbro Toy Company (m57.biz customer and proprietor of toy plans and
licenses) has whined that three ongoing toy structures have had relatively indistinguishable
plans protected by their rivals, Asian Entertainment Corporation. No part of these three plans
must be found on Jo's system and, contingent on the degree of evidence found on Jo's plate,
the accompanying outcomes are conceivable such as, Cautioning and Probation, End of
Employment, Common Lawsuit for Damages and Giving over the case to the nearby police
3
office for indictment. So, the user need to prepare a digital forensics report for this case and
analyze the provided forensic image file.
Methodology Details
The security of the created and gathered data is considered as the most multi-dimensional
order, in the present day time of data innovation. The organizations and government on the
whole performs the exercises of data security with the help of computerized measurable
frameworks. The advanced measurable frameworks give administration of principles, rules
and best practices, which are created to keep up data security, in any organization. The
obligations and jobs of people, occurred correspondence among these created jobs, duties of
best administration and utilization of data security is likewise characterized by the assistance
of advanced criminological framework. The entire structure of data security inside any
organization is guaranteed by the actualized computerized measurable framework. Along
these lines, the computerized criminological framework is like, administration framework
which is utilized to keep up and set up the anchored condition for any data framework
(Boddington, 2016).
The required methodology and related procedures for compelling administration of data
security are being set up by these computerized 5 criminological frameworks. The essential
point of all and related procedures for the powerful administration of data security built up by
the computerized legal framework are, to give legitimate security to all the data resources of
any organization. This likewise, intends to make constant upgrades in security of any
organization. These worldwide measures give a methodology of hazard administration and
administration control on generally speaking framework by observing, foundation, activities,
execution, enhancements and support of data security in the advanced scientific framework.
The strategies, structure of organization, obligations, exercises of arranging, techniques,
related practices and utilized assets are characterized by these principles for helping
computerized criminological framework. As it is a legal and logical procedure of
examination, thus the Forensic procurement as a piece of computerized measurable
framework requires execution of the following advances:
Procurement: In this progression, the seized procedure for any show is finished. The
confirmation of the obtained picture is finished by making use of MD5 hash
capacities or SHA-1. By utilizing these MD5 hash capacities or SHA-1, the first
4
analyze the provided forensic image file.
Methodology Details
The security of the created and gathered data is considered as the most multi-dimensional
order, in the present day time of data innovation. The organizations and government on the
whole performs the exercises of data security with the help of computerized measurable
frameworks. The advanced measurable frameworks give administration of principles, rules
and best practices, which are created to keep up data security, in any organization. The
obligations and jobs of people, occurred correspondence among these created jobs, duties of
best administration and utilization of data security is likewise characterized by the assistance
of advanced criminological framework. The entire structure of data security inside any
organization is guaranteed by the actualized computerized measurable framework. Along
these lines, the computerized criminological framework is like, administration framework
which is utilized to keep up and set up the anchored condition for any data framework
(Boddington, 2016).
The required methodology and related procedures for compelling administration of data
security are being set up by these computerized 5 criminological frameworks. The essential
point of all and related procedures for the powerful administration of data security built up by
the computerized legal framework are, to give legitimate security to all the data resources of
any organization. This likewise, intends to make constant upgrades in security of any
organization. These worldwide measures give a methodology of hazard administration and
administration control on generally speaking framework by observing, foundation, activities,
execution, enhancements and support of data security in the advanced scientific framework.
The strategies, structure of organization, obligations, exercises of arranging, techniques,
related practices and utilized assets are characterized by these principles for helping
computerized criminological framework. As it is a legal and logical procedure of
examination, thus the Forensic procurement as a piece of computerized measurable
framework requires execution of the following advances:
Procurement: In this progression, the seized procedure for any show is finished. The
confirmation of the obtained picture is finished by making use of MD5 hash
capacities or SHA-1. By utilizing these MD5 hash capacities or SHA-1, the first
4
condition of the gathered proof is again guaranteed, confirmed and is known as
hashing. If there is close down of framework for the criminological examination
which isn't conceivable, at that point, blend of e-revelation forms and advanced
scientific obtaining is being conveyed for finding the confirmations in huge picture
drives. The e-disclosure procedures can likewise make proof gathering for the
computerized scientific through record servers or cloud assets (CYBERCRIME AND
DIGITAL FORENSICS, 2018).
Investigation: While securing process is completed, the proof distinguishing proof via
a created speculation of tempered information is directed. In the following
investigation, the natural systems are pursued that makes the ID of proof hardening
records by making a comprehensive pursuit by filling the document gaps. This
examination uses the quantity of tools dependent on various philosophies for making
recuperation of temper material to start. The tool such as FTK is used here by the
legal inspectors for seeing and recuperating the temper information records. The
examination of these information recuperation typically changes for pictures,
archives, messages and web history or for the visit logs. The recuperation of
information is characterized with the space that is available from the used plate,
erased spaces and the reserve documents of the working system. Catchphrase seeking
is the most ordinarily utilized strategy for proof recuperation from procured picture
records. A particular byte set of picture documents are additionally utilized for
characterizing the start and completion of any investigation process of the advanced
measurable. When the ID process is completed, rebuilding of the deleted information
document starts. The hash marks are the parts which are used by the scientific
analysts via, various tools to contrast the DRS and the deleted documents.
Revealing: Once the examination procedure is completed, the gathered specialized
individuals and the non-specialized confirmations are accounted for the organization,
for the ID of deleted documents and for the occured misfortunes (Pollitt & Shenoi,
2010).
Analysis and Findings
There are such significant number of open source tools accessible in the market, to make
usage of advanced measurable erased documents, where the FTK Imager 3.2.0.0 is one of
5
hashing. If there is close down of framework for the criminological examination
which isn't conceivable, at that point, blend of e-revelation forms and advanced
scientific obtaining is being conveyed for finding the confirmations in huge picture
drives. The e-disclosure procedures can likewise make proof gathering for the
computerized scientific through record servers or cloud assets (CYBERCRIME AND
DIGITAL FORENSICS, 2018).
Investigation: While securing process is completed, the proof distinguishing proof via
a created speculation of tempered information is directed. In the following
investigation, the natural systems are pursued that makes the ID of proof hardening
records by making a comprehensive pursuit by filling the document gaps. This
examination uses the quantity of tools dependent on various philosophies for making
recuperation of temper material to start. The tool such as FTK is used here by the
legal inspectors for seeing and recuperating the temper information records. The
examination of these information recuperation typically changes for pictures,
archives, messages and web history or for the visit logs. The recuperation of
information is characterized with the space that is available from the used plate,
erased spaces and the reserve documents of the working system. Catchphrase seeking
is the most ordinarily utilized strategy for proof recuperation from procured picture
records. A particular byte set of picture documents are additionally utilized for
characterizing the start and completion of any investigation process of the advanced
measurable. When the ID process is completed, rebuilding of the deleted information
document starts. The hash marks are the parts which are used by the scientific
analysts via, various tools to contrast the DRS and the deleted documents.
Revealing: Once the examination procedure is completed, the gathered specialized
individuals and the non-specialized confirmations are accounted for the organization,
for the ID of deleted documents and for the occured misfortunes (Pollitt & Shenoi,
2010).
Analysis and Findings
There are such significant number of open source tools accessible in the market, to make
usage of advanced measurable erased documents, where the FTK Imager 3.2.0.0 is one of
5
End of preview
Want to access all the pages? Upload your documents or become a member.