Description
This assignment consists of two (2) parts: a written paper and aPowerPoint presentation. You must submit both parts as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you maycreate and / or assume all necessary assumptions needed for the completion of this assignment. Imagine you’ve been soughtout as a guest lecturer at a local university for a computer forensics course. You have been asked to prepare a paper for the students, as well as a PowerPoint presentation, regarding data acquisition in a forensics investigation.
Part 1: Written Paper
- Write a four to five (4-5) page paper in which you:
a. Analyze the four (4) methods of data acquisition to determine howan investigator selects the appropriate method to use in a given situation.
b. Determine how an investigator can plan for hardware, software, and / or general failures during data acquisition.
c. Justify the necessity of validating data acquisition and determine the negative effects on an investigation if this step is not performed.
d. Describe the acquisition procedures and tools for Windows and Linux data acquisitions.
e. Use at least three (3) quality resources in this assignment.
Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
Use Microsoft PowerPoint or an open source alternative, such as OpenOffice, to:
2. Create a five to ten (5-10) slide PowerPoint presentation in which you:
a. Summarize the concepts from your written paper in Part 1 of this assignment for the lecture you would give to the class regarding data acquisition in a forensics investigation.
b. Use a professional technically written style to graphically convey the information.
The specific course learning outcomes associated with this assignment are:
Explanation & Answer
Good luck in your study and if you need any further help in your assignments, please let me know Can you please confirm if you have received the work? Once again, thanks for allowing me to help you R Message to studypool
COMPUTER FORENSICS
Presented by:
Date:
INTRODUCTION TO COMPUTER
FORENSICS
Computer forensic refers to the process of collection, analysis and reporting on
digital data from computing environments in a legally acceptable way.
It is commonly used to prevent or investigate crime and acquisition of digitally
stored evidence for a case (Yusoff, Ismail, & Hassan, 2011).
Computer forensic comes in to assist in collecting of pieces of evidence that would
help in the process of identifying the perpetrator rot the crimes committed
DATA ACQUISITION METHODS IN
COMPUTER FORENSICS
Bit-stream disk-to-image file,
Bit-stream disk-to-disk,
Logical disk-to-disk or disk-to-disk data,
Sparse data copy of a file or folder.
ACQUISITION PROCESS IN
COMPUTER FORENSICS
This is the process involved in collecting the evidence to be used in the analysis and
conclusion formulation of the case.
It is, therefore, a very critical stage in the computer forensics process.
These processes include:
Identification of the possible sources of the evidence/data
Acquire volatile and non-volatile data
Verify the integrity
Ensure chain of custody
WINDOWS ACQUISITION TOOLS
•
Registry Recon
•
encase
•
EPRB (Elcomsoft Password Recovery Bundle)
•
FTK (Forensic Toolkit)
•
The Sleuth Kit
•
OS Forensics
•
safeback
•
Forensic Assistant
•
X-Way Forensics
•
bulk extractor
•
IRCR (Incident Response Collection Report)
•
Intella
LINUX ACQUISITION TOOLS
•
bulk extractor
•
OCFA (Open Computer Forensics Architecture)
•
The Sleuth Kit
•
The Coroner's Toolkit
•
Digital Forensics Framework
•
SIFT (SANS Investigative Forensics Toolkit)
REFERENCES
References
Mamoona Rafique, & M.N.A.Khan. (2013). Exploring Static and Live
Digital Forensics: Methods, Practices and Tools . International Journal
of Scientific & Engineering Research.
Nelson, B., Phillips, A., & Steuart, C. (2014). Guide to Computer
Forensics and Investigations. Cengage Learning.
Solomon, M. G., K. Rudolph, E. T., Broom, N., & Barrett, D. (2011).
Computer Forensics jumpstart. John Wiley & Sons.
Yusoff, Y., Ismail, R., & Hassan, Z. (2011). COMMON PHASES OF
COMPUTER FORENSICS INVESTIGATION MODELS. International
Journal of Computer Science & Information Technology (IJCSIT),, 1731.
The end
Computer forensics: Data Acquisition
COMPUTER FORENSICS: DATA ACQUISITION
2
Introduction.
Computer forensic refers to the process of collection, analysis and reporting on digital
data from computing environments in a legally acceptable way. It is commonly use...