Assignment:
Task 1: Case Project
You are required to acquire an image of a disk on a computer which is removed from an incident scene. You discovered that it is a Linux computer. What are your options to acquire the image? Write one to two pages report to specify the hardware and software you would use.
Deliverable: Write a 300 to 500 words report outlining two methods of acquiring an image in Linux. Student can use Kali and Ubuntu Linux virtual machine (VM) images provided in this subject's lab.
Task 2: Research Project
Your supervisor has asked you to research current acquisition tools that would able to investigate major smart phone operating systems such as Android and Apple vendors. Form a comparison table including the following information:
a. OS and/or phone vendors supported;
b. Platform designed to run on;
c. Type of information possible acquired such as device information, phonebook, logs, etc..;
d. Cost.
Deliverable: Minimum of five forensic vendors listed with in-text references to provide under each vendor column. Wikipedia information will not count as vendor source.
Rationale
This assessment task covers digital crime, forensic process and procedures, data acquisition and validation, e-evidence, e-discovery tools and equipment, operating systems and file systems. This assessment has been designed to ensure that you are engaging with the subject content on a regular basis. More specifically it seeks to assess your ability to:
• determine the legal and ethical considerations for investigating and prosecuting digital crimes
• formulate a digital forensics process
• evaluate the technology in digital forensics to detect, prevent and recover from digital crimes
• analyse data on storage media and various file systems
• collect electronic evidence without compromising the original data;
• evaluate the functions and features of digital forensics equipment, the environment and the tools for a digital forensics lab;
• compose technical tactics in digital crimes and assess the steps involved in a digital forensics investigation;
• prepare and defend reports on the results of an investigation.