Purpose
This assignment introduces you to some of the methodologies used in computer forensic investigations along with legal constraints to work within these investigations. It also introduces some of the formal approaches to finding out more about a given investigation. You will work with a case to review the incident, handling of evidence, and legal restrictions typically found in such cases.
Instructions and Requirements
Assignment Instructions
A large commercial corporation has witnessed a security breach of the network and has found one laptop on the scene belonging to someone known to have the expertise for launching large-scale cyber-attacks against secure networks. The laptop and its data provide you with sources of physical and digital forensics evidence. Since the laptop was connected to the network, any communications involving the laptop could also provide you with some additional digital evidence.
This commercial corporation’s Point of Contact (POC) has requested your computer forensics team provide investigative expertise in this matter in multiple areas. In the preliminary investigative discussion, your POC for the cybercrime case would like your team to disclose, in your forensics plan, how you will approach the incident review and include the identification of any collection requirements for seizing, preserving, and authenticating the evidence. You will provide the POC with the known facts of the incident and what procedures were used during the initial case reviews.
Assignment Requirements
The expected length of the report is 8–10 pages or 2,000–2,500 words. Your submission should include the following in a Word document:
A title page
A report that includes the following:
An effective introduction.
The use of APA citations throughout the main body of the paper for all technical assertions.
How you will approach the incident review, including the identification of any collection requirements for acquiring and authenticating the evidence.
How your team will approach any legal restrictions and the determination of intent and scope.
The known facts of the incident and what procedures were used during the initial case reviews.
A conclusion allowing the reader to reach a high level of understanding of all the major topics presented.
A reference page in APA format