Wednesday, May 15, 2019
Computer Forensic Examiner Field Report Case Study
During the process of gathering digital evidence, detailed documentation is needed to help identify evidence and demonstrate policies used in the exercise. In addition, appropriate documentation is essential in the location of evidence found at a crime scene. In relation to documentation, a clear chain of custody helps determine the analysts involved in handling evidence. It also identifies the owners of evidence and the persons who receive it, as well as those who store it (Turkey, 2008). This concept is vital in tracing the movement of evidence from one analyst to another. During digital evidence fieldwork, an evidence custodian will keep accurate documentation of the evidence and ensure that the evidence is tagged and stored in secure bags ready for transport. The most vital reason for maintaining chain of custody is ensuring that digital evidence is admissible as evidence (Soloman, 2011, p.55). Concisely, the above tasks transpired during a recent digital evidence fieldwork where I was called to identify, secure, and preserve digital evidence from a suspected corporate user.

Observation

Last week, on 25 November 2012, our department received a request from a local media business firm for a digital evidence analysis. ... The room had several other pieces of computer hardware such as servers, switches, and network cables. There were some shelves on the right with some five computers. The administrator, who was showing us the computers, pointed at the computers and told us that the suspect used one of the computers. Seeing that we had room to use for the investigation, I agreed with Dorothy that we could identify the evidence there. First, we asked the network administrator to help us identify the suspect computer. To do this, we asked the network administrator to produce a list of IP addresses and associated MAC addresses during the period when the crime is believed to have occurred. Because he had prior records, we had the MAC address of the suspect computer, 0080R245F767. We booted all the computers and identified the computer with the above MAC address. Dorothy documented the model of the computer and the serial number she found underneath the computer.

Evidence collection

Being that the owner of the computers, the media firm, we were ready to begin collecting evidence of the alleged CP, which was a crime and against the policies of the firm. First, we ensured that no one was around the computer except for Dorothy and me, as we did not want any disturbance. We opened the computer and, using our tools, we ran some applications to determine if there was any evidence of CP in the suspect computer. The first tool that we used was Retriever, which searched the entire hard drive and located child pornography material in the disk drive. The computer had several files and links of child pornography in the internet history and browser cookies. We did document what the Retriever software displayed as the search result. Moreover,