Advanced Digital Forensics Case Investigation Report - SIT703

This report presents a detailed digital forensics case investigation, focusing on a scenario where an IT administrator, Arif, investigates a claim of a bogus account created on Amy's laptop. The investigation involves scanning for rootkits, analyzing event logs (Application, Security, System, and Internet), and identifying the malicious account. The report covers password recovery techniques, including using a password recovery tool and analyzing audit trails to determine user activities. Arif successfully identified the bogus account, its login and logout times, and the activities performed by the user, demonstrating the application of digital forensics principles to uncover and document evidence of unauthorized computer access and activity. The report also discusses the vulnerabilities associated with storing login credentials on a network and the tools and techniques used to exploit them. The report concludes with a summary of the findings and the steps taken to secure the system.