Alvin Li 001298498 - Forensics report PDF

Title Alvin Li 001298498 - Forensics report
Author Alvin Li
Course Digital Forensics in Cybersecurity
Institution Western Governors University


Digital Forensics in Cybersecurity – C840 Task #1 – Performance Assessment Alvin Li

A: STEPS OF ANALYSIS

Double-click the Electronic Evidence Examiner (E3) icon that is located on the desktop to start the program.

Click the CASE menu, then click Create New Case to start a new case.

In the New Case dialog box, click the Case Properties tab.

Enter the case name in the Case name box.

Click the Additional Information tab to enter any additional information.

Enter the name you want to use in the Investigator's name box and click Finish.

In the New case creation dialog box, navigate to the Paraben’s Electronic Evidence Examiner folder (C:\Users\Administrator\Documents\Paraben Corporation\Paraben’s Electronic Evidence Examiner), confirm the File name is jsmith case, confirm the Save as type is Electronic Evidence Examiner Cases (*.e3), and click Save to create the new case file.

A new tab with the case file name is added to the Electronic Evidence Examiner (E3) screen and the Add New Evidence dialog box opens.

In the left navigation pane of the Add New Evidence dialog box, select Physical Drive. You will see two different source types in the right pane. Select PHYSICALDRIVE0, then click OK at the bottom right of the window.

In the Case Explorer tree in the left pane, navigate to the PA folder (Case > PHYSICALDRIVE0 > Partition Parser > Partition 1 > NTFS > Root > PA) and double-click the JSmith 1GB.img object to open it.

An NTFS Settings dialog will pop up; click OK.

Navigate to the jsmith directory within that root folder: JSMITH 1gb.img > $DATA > NTFS > ROOT > USERS > JSMITH > DOCUMENTS.

In the Documents folder you will find a PDF document named Fracking Water Pollution Solution – Company Proprietary.

Click the Analysis tab, then click Generate report. You will be greeted with General options. Click Finish to generate the report.

Shown below is the generated report of the case.

B: INCIDENT DESCRIPTION

According to the report, the senior manager believes that John Smith, the research engineer, has been stealing proprietary company information (Western Governors University, 2020). It is also believed that John Smith intended to pass the information to Jagged Peak Energy, which is their rival company, for monetary gain. Based on the information that was provided to me by his senior manager, if files were stolen by John Smith himself, then the files should be in the forensic image that we found. According to senior management, the files or document is classified as “company proprietary,” thus getting rid of any ambiguity about the file’s contents (Western Governors University, 2020). Additionally, if it really was for monetary gain, then the forensic image that we have of his computer should show evidence that he planned on earning and spending a large sum of that money quickly.

With the forensic examination image taken from the computer belonging to John Smith, it is clearly shown that the proprietary company file is located on the image. It was located under ROOT > Users > jsmith > Documents. The company file is named Fracking Water Pollution Solution – Company Proprietary.pdf. Some other notable files in that directory contain evidence that he was looking to spend the money he gains on expensive items such as cars and property. These files are “Next car.jpg,” “offshore banking.JPG,” “payday.jpg,” “STRAIT LANE.pdf,” and “How to Open an Offshore Bank Account in Cayman Islands – Cayman Banking Guide.”
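To make a file listing like the one above reproducible outside the E3 GUI, the following added example (not part of the original report and not Paraben tooling) inventories a folder exported or mounted read-only from the image, recording size and SHA-256 for each file and flagging names that carry the proprietary marking. The export directory, the function names and the file-name match on the marking are assumptions made for illustration.

```python
import hashlib
from pathlib import Path

# Marking named in the report; matching it in the file name is an assumption.
MARKER = "company proprietary"


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large evidence files are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def inventory(evidence_dir):
    """Return one record per regular file under evidence_dir, in sorted order.

    evidence_dir is assumed to be a read-only export or mount of the
    Users/jsmith/Documents folder; files are only opened for reading.
    Symlinks are skipped so the walk cannot leave the evidence folder.
    """
    root = Path(evidence_dir)
    records = []
    files = sorted(p for p in root.rglob("*") if p.is_file() and not p.is_symlink())
    for path in files:
        records.append({
            "path": path.relative_to(root).as_posix(),
            "size": path.stat().st_size,
            "sha256": sha256_file(path),
            "flagged": MARKER in path.name.lower(),
        })
    return records


def flagged_paths(records):
    """Relative paths whose file name carries the proprietary marking."""
    return [r["path"] for r in records if r["flagged"]]


if __name__ == "__main__":
    import sys
    for rec in inventory(sys.argv[1]):
        mark = "FLAG" if rec["flagged"] else "    "
        print(f'{mark} {rec["sha256"]} {rec["size"]:>10} {rec["path"]}')
```

Recording the hashes alongside the paths lets a reviewer confirm later that the files cited in the findings are byte-for-byte the ones examined.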

C: SUMMARY OF FINDINGS

After the full investigation was conducted on the image that belonged to John Smith, I believe that John Smith has stolen company proprietary information and is intending to give it out to Jagged Peak Energy, the rival company, for monetary gain. This proprietary information was located on the computer that belongs to John Smith. It is in the Documents folder in John Smith's account: ROOT > Users > jsmith > Documents. Some other PDF documents were also located in the same directory that contain info on expensive properties such as cars and real estate (documents in section “B” above).

D: SOURCES

Western Governors University. (2020, 07 16). Digital Forensics in Cybersecurity (HEP1)....

