Forensics Report.

Added on - 22 Sep 2019

  • 3


  • 1304


  • 47


  • 0


Showing pages 1 to 1 of 3 pages
Forensics ReportIn this major task assume you are a Digital Forensics Examiner. Considering a real or a hypotheticalcase you are required to produce a formal report consisting of facts from your findings to your attorneywho has retained you. You are free to choose a forensics scenario which can be the examination of astorage media (HDD, USB Drive, etc), email or social media forensics, mobile device forensics, cloudforensics or any other appropriate scenario you can think of.Deliverable:A forensics report of2000word.RationaleThis assessment task covers data validation,e-discovery, steganography, reporting and presenting,andhas been designed to ensure that you are engaging with the subject content on a regular basis.More specifically it seeks to assess your ability to:determine the legal and ethical considerations for investigating and prosecuting digital crimesanalyse data on storage media and various file systemscollect electronic evidence without compromising the original data;evaluate the functions and features of digital forensics equipment, the environment and thetools for a digital forensics lab;compose technical tactics in digital crimes and assess the steps involved in a digital forensicsinvestigation;prepare and defend reports on the results of an investigationPresentationThe following should be included as minimum requirements in the report structure:• Executive Summary or AbstractThis section provides a brief overview of the case, your involvement as an examiner, authorisation,major findings and conclusion• Table of Contents• IntroductionBackground, scope of engagement, forensics tools used and summary of findings• Analysis Conductedo Description of relevant programs on the examined itemso Techniques used to hide or mask data, such as encryption, steganography, hidden attributes,hidden partitions etco Graphic image analysis• FindingsThis section should describe in greater detail the results of the examinations and may include:o Specific files related to the requesto Other files, including deleted files that support the findingso String searches, keyword searches, and text string searcheso Internet-related evidence, such as Web site traffic analysis, chat logs, cache files, e-mail, and newsgroup activityo Indicators of ownership, which could include program registration data.• ConclusionSummary of the report and results obtained• ReferencesYou must cite references to all material you have used as sources for the content of your work• GlossaryA glossary should assist the reader in understanding any technical terms used in the report. Use agenerally accepted source for the definition of the terms and include appropriate references.• Appendices
You’re reading a preview

To View Complete Document

Become a Desklib Library Member.
Subscribe to our plans

Download This Document