IFN643 | Computer system security Assignment 2 | IT

Task 1
Bond has intercepted a transmission (in a pcap file) from the Whyte House, a casino-hotel owned by the reclusive billionaire Willard Whyte. Bond suspects that SPECTRE agents have been communicating through the Whyte House. Your task as the security analyst within the digital forensics division of MI5 is to answer Bond’s questions.

1. What was the first communication between the suspected SPECTRE agents?
2. What did the suspected SPECTRE agents exchange?
3. What was used to blackmail Tiffany Case?
4. Who is Putter Smith?
5. What mail client does Putter Smith use?
6. What was the operating system running on Tiffany Case’s PC?
7. What was Tiffany Case looking at that she shouldn’t be?
8. What was in the trash directory?
9. What was in the encrypted transfer by Willard Whyte?
10. Is Willard Whyte working for SPECTRE?
11. Create a detailed map of the network, including IP addresses, hostnames and services as well as suspected owners of each host.
12. Create a detailed timeline of the significant events that take place in the captured transmission.

As part of the answer to each of these questions, you must include:
• A clear description of the evidence for your answer.
• A detailed description of the process that you followed and the tools that you used to obtain the evidence.

Task 2
After the Diamond affair and the key part digital forensics played in the outcome of that situation, Q has decided that more funding should be allocated to the digital forensics department. He has asked you to review the latest research (the last 3 years) in the digital forensics area. Your review should also describe a specific project which is important for future investigations. Your task is to write a brief essay indicating where MI5 funds should be invested.

Select one topic in digital forensics. Possible topics include, but are not limited to:
• Disk Forensics
• Memory Forensics
• Network Forensics
• Mobile device forensics
• Cloud Forensics
• SDN Forensics
• Internet of Things Forensics

Your essay on recent advances in digital forensics should not exceed 2000 words (approximately 4 pages), and it should include the following main headings:
• Introduction
• Review of Previous Research
• New Digital Forensics Project
• Conclusions and Recommendations

