Writing
CCJS 321 CCTB Investigative Collection of Evidence Discussion

CCJS 321

Career Centers of Texas Brownsville

CCJS

Question Description

I need help with a Computer Science question. All explanations and answers will be used to help me learn.

Project #2 - Investigative Collection of Evidence

  • No directly quoted material may be used in this project paper.
  • Resources should be summarized or paraphrased with appropriate in-text and Resource page

For the purpose of this second Project, you are still the Information Security Analyst for Provincial Worldwide. Consider this project a continuation of the work you performed in Project #1. In this portion of the investigation, you are ONLY collecting the physical evidence, packaging it, and documenting and reporting it. You will NOT be handling the digital data during this stage of the investigation. (This step will be discussed in the Final Project.) You should limit your “care and handling” of each piece of evidence to the physical handling of the digital item/container.

With the scenario in mind, you are to report to your supervisor, thoroughly providing a response to the following questions (in paragraph format, properly citing outside research, where appropriate) to both Part I and Part II of the project:

Part I: Overview/Case Summary

1. Write a short summary of the incident to Director McPherson concerning was has occurred, and establish what permissions/authorities you have before you search Mr. Belcamp’s former Company work area. This includes your legal authority as a Company representative as a private company.

Part II: Physical Evidence Acquisition:

2. Look at the photo of Mr. Belcamp’s work area. (See file attachment Work_Area.jpg) Identify four (4) potential items of digital evidence you see in the photo. For those four items, describe EACH item you identified and explain what potential use the item would be within the investigation (e.g., what type of data that item might hold, why it is important, and what type of evidence it represents for prosecution.)

  • Select two (2) of the items you identified and describe the steps that would be taken to collect the items (with emphasis on the care and handling, and packaging of each item consistent with digital forensic best practices described in the module content/weekly readings) at the scene. You should document these steps in a detailed way that will mitigate questions, concerns, or a basic lack of information that will call your processes into question in court.

3. Look again at the photo of Mr. Belcamp’s work area. (See file attachment Work_Area.jpg) Identify four (4) potential items of non-digital evidence you see in the photo. For those four items, describe EACH item you identified and explain what potential use the item would be within the investigation (e.g., what type of data that item might hold, why it is important, and what type of evidence it represents for prosecution.)

  • Select two (2) of the items you identified and describe the steps that would be taken to collect the items (with emphasis on the care and handling, and packaging of each item consistent with digital forensic best practices described in the module content/weekly readings) at the scene. You should document these steps in a detailed way that will mitigate questions, concerns, or a basic lack of information that will call your processes into question in court.

4. The evidence you seized in Questions two (2) and three (3) must be transported, secured and stored after removing it from the original scene (the work area) and prior to sending it for analysis. Describe the security procedures in place as well as any environmental considerations or protections (specific to computer/digital devices) that are in place within the storage area, and why they are important.

5. Look at the Evidence Custody Document (See file attachment Evidence Custody Document.doc) and item photographs (Items-seized (pics).pptx). Read the Evidence Custody Document prepared by your co-worker, Brian Duggars in which he was attempting to document the seizure of three (3) items pictured in the accompanying photos. Did Brian adequately describe each item? What could be added to the descriptions, and for which items (based on what you see in the photos) to make them more complete and serve as an example to your co-worker of what they SHOULD look like (how they should be described)? Or, did he do a good job and no modifications need to be made.

Project Requirements:

  • Each question should be answered thoroughly looking at all the issues presented, so do your research, be specific, be detailed, and demonstrate your knowledge; submitting your project through the appropriate assignment folder.
  • This project should be submitted in a single Microsoft Word document (.DOC/.DOCX), with answers separated and/or numbered in respect to the question, so as to make it clear which question is being answered. It may be in a question and answer format, or as described with answers to the associated question numbers;
  • The paper should be written in third-person grammar, not first person (which means - I, me, myself, etc.);
  • The submission is to have a cover page that includes course number, course title, title of paper, student’s name, and the date of submission per APA writing format;
  • Format: 12-point font, double-space, one-inch margins;
  • It is mandatory that you do some research, and utilize outside resources! You must have a reference page at the end of your project that is consistent with APA citation style and format (see https://owl.english.purdue.edu/owl/resource/560/01/ for help).
  • Unformatted Attachment Preview

    CONTROL NUMBER EVIDENCE / PROPERTY CUSTODY DOCUMENT REPORT CROSS-REFERENCE NUMBER The proponent agency for this document is OHMR-PM RECEIVING AGENCY LOCATION Makestuff IT Security Makestuff Remote Office #4 NAME, GRADE AND TITLE OF PERSON FROM WHOM RECEIVED OWNER Former work area of Mr. YOURPROP ADDRESS (Includes ZIP Code) Bldg# 47, Martin Blvd, Faketown, NJ 12345 OTHER LOCATION FROM WHERE OBTAINED REASON OBTAINED Desk near west wall of office Evaluation as evidence 1430, 04/01/2014 ITEM NO. QUANTITY TIME / DATE OBTAINED DESCRIPTION OF ARTICLES (Include model, serial number, conditions, and any unusual marks or scratches) 1 1 Voice recorder, small, silver, Olympus. 2 1 Western Digital, 1TB, silver and black with a green label, roughly rectangular, affixed with a torn sticker on the front. 3 1 Thumb drive, USB, PNY-brand, 64GB in size, unknown serial number, grey and black in color, approximately 1” x 2.5” x 0.5”, metal and plastic-type construction, printed with “PNY… 64GB”, with small hole on the side (which appears to be for a lanyard. --------- -------------- --------------------------///LAST ITEM///--------------------------------------------------------------- CHAIN OF CUSTODY ITEM NO. 1-3 DATE 04/01/2014 RELEASED BY RECEIVED BY SIGNATURE SIGNATURE CRIME SCENE ///original signed/// NAME, GRADE, TITLE NAME. GRADE, TITLE N/A I.M. Helpful, Security Specialist SIGNATURE SIGNATURE NAME, GRADE, TITLE NAME. GRADE, TITLE SIGNATURE SIGNATURE NAME, GRADE, TITLE NAME. GRADE, TITLE SIGNATURE SIGNATURE NAME, GRADE, TITLE NAME. GRADE, TITLE NAME, GRADE, TITLE NAME. GRADE, TITLE SIGNATURE SIGNATURE OHMR FORM 4137 front (Jul 91) PURPOSE OF CHANGE OF CUSTODY Evaluation as evidence ITEM 1 ITEM 2 ITEM 3 ...
    Purchase answer to see full attachment
    Student has agreed that all tutoring, explanations, and answers provided by the tutor will be used to help in the learning process and in accordance with Studypool's honor code & terms of service.

    Final Answer

    Attached.

    Running head: INVESTIGATION DIGITAL EVIDENCE

    Investigative Collection of Evidence
    Student Name:
    Course Name:
    Professor Name:
    Date of Submission:

    1

    INVESTIGATION DIGITAL EVIDENCE

    2

    Question One
    The company has recently terminated Mr. Belcamp on grounds of consistent tardiness and
    continuous absenteeism from work. During the exit interview, Mr. Newman, the Human Resource
    manager, noticed concerning strange statements from Mr. Belcamp regarding the product. The HR
    manager fears that Belcamp might reveal the intellectual property of product X to his new
    employers. Besides, the HR manager wants an investigation conducted and also wants to retain
    the option of including law enforcement in the future. According to the fourth amendment of the
    United States constitution, people have a right to be safe from warrants and searches without
    probable cause. As an information security analyst, I have the authority to conduct a search on
    Belcamp’s possession following the suspicion of the possibility that he would share the source
    code with his new employer.
    Question Two
    Digital evidence provides a suitable framework for investigating, analyzing and
    prosecuting crime. One of the key digital evidence that can be identified in the working area is the
    laptop. Essentially, the computer may contain emails and reports that may prove Belcamp’s intent
    to steal product X’s intellectual property. Besides, the desktop computer is another item that can
    be analyzed....

    Msharon (11539)
    UIUC

    Anonymous
    Top quality work from this tutor! I’ll be back!

    Anonymous
    It’s my second time using SP and the work has been great back to back :) The one and only resource on the Interwebs for the work that needs to be done!

    Anonymous
    Thanks, good work

    Studypool
    4.7
    Trustpilot
    4.5
    Sitejabber
    4.4
    Similar Questions
    Related Tags