Computer Forensic

User Generated


Computer Science


Please look at the following file I have developed and write more ideas and screenshoot to explain it. the subject is: The first part of the assignment is for you to create a forensics challenge for your classmates. Create an original scenario and include as much information as you can, including graphics, header information, DNS information, etc. You must have these accompanying 'artifacts' as clues for the investigators to follow. This is not necessarily an Internet forensics challenge, you may use any of the topics presented in this course. You must provide enough information for your fellow classmates to come up with a solution. Part of the grade for this assignment is that the challenge must be 'do-able'. You can reference the assignment case studies as examples. Send your challenge to your professor prior to posting. Include your solution, that is, what you expect the outcome to be. Once you get approval, post ONLY the challenge to the Challenges forum, do not post the solution. Post your challenge to the Forensics Challenge Forum by the last day of Week 11 (earlier is better) in order to give your fellow classmates plenty of time to figure out a solution!

Unformatted Attachment Preview

FORENSIC CHALLENGE Part one Investigate a scenario where there is a suspected worker of the organization who has hacked the servers and retrieved confidential information, which has seen the company suffer losses. The PC suspected to be used in the hacking is IBM Lenovo 8808 Pentium D [FAT32] running a windows 8.1 OS. You have been given the computer and with the aid of additional information from the company’s lab, investigate whether or there was any hacking to the servers. Additional information; IP address 192.168.19 IBM Lenovo 8808 Pentium D [FAT32] Processor PC 3.4GHz Write a report on the findings of your investigation. 1 FORENSIC CHALLENGE 2 ➢ Second part FORENSIC PROCESSING AND RECORDINGS INVESTIGATOR: Idissah (210094) FORENSIC CASE NUMBER: Requester: 21/105/44580 PAUL MIKE Cyber security Offense: Hacking of the main server Case number: -21/105/44580-C Received: October 23, 2017 Opened: October 25th, 2017 Completed: November 3rd, 2017 Forensic hours: 60 Hours Os examined: IBM Lenovo 8808 Pentium D [FAT32] File system: 7,900MB Processor: PC 3.4GHz FORENSIC CHALLENGE 3 Analyzed computer Camom Power Shoot A1300 16MP Digital Camera with a characteristics: 16GB SDHC card, of which 10Gb is used. USB Memory Stick – 8GB SanDisk Pro Duo, of which 6GB is 80Gb XP Desktop Computer with 1Gb of RAM and 4 USB ports and a 10/100Mb network card. Camera –used. Action taken OCTOBER 25, 2017 At the arrival of the scene, make sure you capture all the evidence by taking pictures of the things in the place (Maras, 2014).). The physical appearance of the computer is the next to investigate without altering any available pieces of evidence -this technique requires a high skilled and trained investigator to accomplish Information from the computer suspected to be used must be recorded to exact type, and model of the machined used to store the information about the crime this entails the model, name, hard drives and the serial numbers of the machine of the suspect. The information on the computer (PC) should be duplicated to another computer preferably a laptop. When a BIOS was run on the hard drive, date and time was recorded for the exact time when the incident was being investigated. The IP address recorded to make sure that the PC was the one with the criminal activity. (Clarke, 2010). FORENSIC CHALLENGE 4 After this has been done, the suspected computer is carefully sealed and stored for more investigations. Findings It was determined that there were several attempts to the main server from a PC with IP address 192.168.19. The hard drive of the PC contained files and documents of the company which were supposed to be accessed only by the authorized personnel. FORENSIC CHALLENGE References Maras, M.-H. (2014). Computer Forensics. Sudbury: Jones & Bartlett Learning, LLC. Clarke, Nathan. (2010). Computer Forensics. IT Governance Ltd. 5
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Student’s Name Professor’s Name Course Name Date Computer Forensics Challenge Challenge Part 1 A local company has asked you to conduct a forensic work on a recent computer forensics incident that has just occurred. There is a new employee who works at odd hours when other employees have gone home. Recently, the company servers were hacked and confidential information was retrieved. This information which is specifically significant to the company’s business has caused the company to suffer losses. The computer owned by the employee and is suspected to be used in the hacking is an IBM Lenovo 8808 Pentium D [FAT32] that runs on a windows 8.1 Operating System. As the forensics expert, you have been given the computer with the aid of additional information from the company’s lab. Investigate whether there was any hacking to the servers. Additional Information IP address 192.168.19IBM Lenovo 8808 Pentium D [FAT32]Processor PC 3.4GHz Question Write a report on the findings of your forensics investigation. Part 2 FORENSIC PROCESSING AND RECORDINGS INVESTIGATOR: Idissah (210094) FORENSIC CASE NUMBER: 21/105/44580 Requester: Offense: Ca...

Excellent! Definitely coming back for more study materials.


Related Tags