Forensics Report – Global Homework Experts

Forensics Report (20 Marks)

order now

In this major task you are assumed as a Digital Forensics Examiner. Considering a real or a hypothetical case you are required to produce a formal report consisting of facts from your findings to your attorney who has retained you. You are free to choose a forensics scenario which can be examination of a storage media (HDD, USB Drive etc), spoofed email, unscrambling bits, revealing information from an image or any other appropriate scenario you can think of.

Deliverable: A forensics report of 1800-2000 words.

Rationale

This assessment task covers data validation, e-discovery, steganography, reporting and presenting, and has been designed to ensure that you are engaging with the subject content on a regular basis. More specifically it seeks to assess your ability to:

determine the legal and ethical considerations for investigating and prosecuting digital crimes

analyze data on storage media and various file systems

collect electronic evidence without compromising the original data;

evaluate the functions and features of digital forensics equipment, the environment and the tools for a digital forensics lab;

compose technical tactics in digital crimes and assess the steps involved in a digital forensics investigation;

prepare and defend reports on the results of an investigation

Presentation

Following should be included as minimum requirements in the report structure:

Executive Summary or Abstract

This section provides a brief overview of the case, your involvement as an examiner, authorization, major findings and conclusion.

Table of Content

Introduction
Background, scope of engagement, forensics tools used and summary of findings

Analysis Conducted
o Description of relevant programs on the examined items
o Techniques used to hide or mask data, such as encryption, steganography, hidden attributes, hidden partitions etc
o Graphic image analysis

Findings
This section should describe in greater detail the results of the examinations and may include:
o Specific files related to the request
o Other files, including deleted files that support the findings
o String searches, keyword searches, and text string searches
o Internet-related evidence, such as Web site traffic analysis, chat logs, cache files, e-mail, and news group activity
o Indicators of ownership, which could include program registration data.

Conclusion
Summary of the report and results obtained

References
you must cite references to all material you have used as sources for the content of your work

Glossary

A glossary should assist the reader in understanding any technical terms used in the report. Use a generally accepted source for the definition of the terms and include appropriate references.

Appendices
You can attach any supporting material such as printouts of particular items of evidence, digital copies of evidence, and chain of custody documentation.

Follow the referencing guidelines for APA 6