MN624 Digital Forensic Validating and testing digital forensics tools and evidence Assessment and Tutor Proposal

Melbourne Institute of Technology


Validating and testing digital forensics tools and evidence

Assessment No: 1

MN624|Digital Forensics

Our Real
uni-icon
Student’s Score cards


MN624 Digital Forensic Validating and testing digital forensics tools and evidence

MN624 Digital Forensic


Task

It is to note that this assignment consists of two parts a) Assignment 1a and b) Assignment 1b. Students have to submit the Assignment 1a, by the end of week 3. Once the Assignment 1a is marked and a constructive feedback is provided, the responses to the comments/feedback has to be tabulated and appended to Assignment 1b that would be submitted in week 7.

Assignment 1a: Leaving Clues to a Crime

The following is the scope for Assignment 1a.

In this Assignment 1a you will create a pretended crime scenario that needs computer forensic analysis. Along with the crime scenario, create digital clues that may be left on a small portable storage device. IMPORTANT: Any names of persons or organizations in the crime scenario should be pretended; DO NOT use the names of real people or businesses. Also, DO NOT develop a crime scenario involving child pornography or anything that can be interpreted as a threat to the public. Acceptable topics include theft, embezzlement, kidnapping a fictitious character, the murder of a fictitious character, etc.

The chosen crime scenario must be discussed according to the following questions:

Questions:

  • Q1) You will leave your digital “clues” on a flash/thumb drive. Provide your thumb drive (containing your digital clues) for analysis as an image by using software such as ProDiscover. Include this screenshot in your final report! Your digital clues must include at least one of each of the following: Hidden file Deleted file Graphic file Password-protected file Web access (browser history) Change extension of one file such as .docs to .pdf
  • Q2) Discuss what should you consider when determining which data acquisition method to use. Q3) Discuss some options that can be used for preserving the data in this situation
  • Q4) Explain two acquisition methods that you should use in this situation.

Assignment 1b: Create and Delete Files on USB Drive

In this Assignment 1b, you need to find any evidence of the Assignment 1a, and any data that might have been generated from the suspect’s hard drive, so that, it may be presented in a court of law. To create your digital clues, please do the following task:

On your USB drive, create a word file named your Student ID, where the blank should be filled with your name, mobile, citizen, address and some other information. The file should contain the following sentence: “I have enrolled for MN624 Digital Forensic.” The first blank in the sentence should be filled in with your Full name and the second blank with the date when you registered for this unit.

On the same drive, create an excel file named “StudentID.xls”, where the First column should be filled with your units name that you had at MIT last semester and the second column should be filled with your marks with those units.

Store your current Photo on a USB drive and save it in JPG format or other images format.

Take a screenshot of your Windows Explorer window showing the content of the USB’s folder hosting the three files. Include this screenshot in your final report! Now delete those files, and then take another screenshot of the respective folder’s content (after the two files have been deleted). Include this screenshot in your final report.

Table 1: Digital forensics Tools (You can choose any two tools for your demonstration with your tutor’s consent)

Serial # Name of the security tool
1 The Sleuth Kit (Autopsy)
2 FTK Imager
3 X-Ways Forensics
4 CAINE (Computer Aided Investigative Environment)
5 SANS Investigative Forensic Toolkit (SIFT)
  • Q1) Use two computer forensics tool from table 1 to Acquire an Image of USB Drive. In the report, you need to include the screenshots of each step.
  • Q2) Use two computer forensics tool from table 1 to Recover Deleted Images and to verify which files have changed of extension. In the report, you need to include the screenshots of each step.
  • Q3) validate your results by using hash algorithms.
  • Q4) Comparison of the digital forensics tools that you used in this work. Your comparison could include:
    • Digital forensics features
    • Time is taken to detect acquire threat
    • Ease of usage
  • Q7) Demonstration of the two digital forensics tools that you used in this work on week 7.

Why invest in our services?

Only High Quality
Optimum quality

Our assignment help team is trained to provide you high quality writing services.

Reasonable Price of Each
High scores

High scores achieved by our students is a portrayal of our high quality online assignment help

Privacy and Security
Multiple reach

You can place your assignment order through 4 easy modes of communication

Order Now