A digital forensic investigation process can involve many steps and procedures. The objective is to obtain unbiased information in a verifiable manner using accepted forensic practices. In this project, you will perform some of the steps necessary for setting up an investigation. These steps include designing interview questions that establish the needs of the case and provide focus for your investigative efforts. You will also determine what resources may be needed to conduct the investigation. Once you have this information, you will be able to develop an investigation plan that properly sequences activities and processes, allowing you to develop time estimates and contingency plans should you encounter challenges in the investigation.
This situation involves two computers and a thumb drive. After clear authorization to proceed has been obtained, one of the first investigative decision points is whether to process the items of evidence individually or together. Processing computers individually makes sense when they are not likely tied to the same case. However, if the computers are linked to the same case, there can be advantages in processing them together.
There are four steps in this project. In Step 1, you will develop interview protocols and identify documentation needs for a forensic investigation. In Step 2, you will identify tools and software needed for the investigation. In Step 3, you will develop a plan for conducting the investigation, and in Step 4, you will consolidate your efforts in the form of a single document to be submitted to your supervisor (i.e., your instructor). The final assignment in this project is a planning document with a title page, table of contents, and distinct section for each of the three steps in the project. Consult the relevant sections of
Guidelines for Project 1 Investigation Project Plan
in every step.
In Step 1, get started on the plan by creating an interview form to record questions, key words, and authorization information, and to complete the legal forms needed in this case. However, before you can do that, you need to review your training in criminal investigations.
Your tasks in Step 1 are to create interview forms to record questions, key words, and authorization information, and to designate other legal forms that will be needed in this case. It is important for you to describe the importance of each form that you create in the body of your final Project Plan assignment and include in-text reference citations for all of your content. The forms that you complete as part of Step 1 will be included in your Investigation Project Plan, the final assignment for this project.
As part of the investigation into two computers and a thumb drive, it’s important to do the necessary preliminary work. In
criminal investigations
, there are laws governing
chain of custody
,
search warrants
,
subpoenas
,
jurisdiction
, and the
plain view doctrine
. It’s important to be familiar with these to.
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
A digital forensic investigation process can involve many steps and .docx
1. A digital forensic investigation process can involve many steps
and procedures. The objective is to obtain unbiased information
in a verifiable manner using accepted forensic practices. In this
project, you will perform some of the steps necessary for setting
up an investigation. These steps include designing interview
questions that establish the needs of the case and provide focus
for your investigative efforts. You will also determine what
resources may be needed to conduct the investigation. Once you
have this information, you will be able to develop an
investigation plan that properly sequences activities and
processes, allowing you to develop time estimates and
contingency plans should you encounter challenges in the
investigation.
This situation involves two computers and a thumb drive. After
clear authorization to proceed has been obtained, one of the first
investigative decision points is whether to process the items of
evidence individually or together. Processing computers
individually makes sense when they are not likely tied to the
same case. However, if the computers are linked to the same
case, there can be advantages in processing them together.
There are four steps in this project. In Step 1, you will develop
interview protocols and identify documentation needs for a
forensic investigation. In Step 2, you will identify tools and
software needed for the investigation. In Step 3, you will
develop a plan for conducting the investigation, and in Step 4,
you will consolidate your efforts in the form of a single
document to be submitted to your supervisor (i.e., your
instructor). The final assignment in this project is a planning
document with a title page, table of contents, and distinct
section for each of the three steps in the project. Consult the
relevant sections of
Guidelines for Project 1 Investigation Project Plan
in every step.
2. In Step 1, get started on the plan by creating an interview form
to record questions, key words, and authorization information,
and to complete the legal forms needed in this case. However,
before you can do that, you need to review your training in
criminal investigations.
Your tasks in Step 1 are to create interview forms to record
questions, key words, and authorization information, and to
designate other legal forms that will be needed in this case. It is
important for you to describe the importance of each form that
you create in the body of your final Project Plan assignment and
include in-text reference citations for all of your content. The
forms that you complete as part of Step 1 will be included in
your Investigation Project Plan, the final assignment for this
project.
As part of the investigation into two computers and a thumb
drive, it’s important to do the necessary preliminary work. In
criminal investigations
, there are laws governing
chain of custody
,
search warrants
,
subpoenas
,
jurisdiction
, and the
plain view doctrine
. It’s important to be familiar with these topics. Review
forensic laws and regulations
that relate to cybercrime, as well as
rules of digital forensics
in preparation for your digital forensic investigation.
3. The next thing to do is to read the police report and perform a
quick inventory of devices that are thought to contain
evidence
of the crime. You have set up a meeting with the lead
detectives and the prosecutor handling the case.
You have received an official request for assistance that
provides you with
authority
to conduct the investigation. You realize it will be impossible
to produce a
detailed investigation project plan
prior to your meeting with the detectives and the prosecutor.
First, you need to develop a series of questions to establish the
key people and activities. These questions should address
potential criminal activity, timelines, and people who need to be
investigated.
It is also important to determine whether different aspects of the
case are being pursued by other investigators and to include
those investigators on your contact list. In addition, some
situations may involve organizations or individuals who need to
adhere to various types of
industry compliance
. This situation may require you to follow special procedures.
In Step 2, you will consider the types of resources needed for
the investigation.
Step 2: List Required Forensic Equipment, Software, and Labor
Expenses
In Step 1, you developed forms and templates to collect the
legal, criminal, and technical information that lays the
groundwork for your investigation. In this step, you will
4. consider the types of equipment and human resources needed to
conduct the investigation and create a budget table that includes
expenses for software licenses, computers, storage devices,
number of digital forensics examiners, digital forensics
examiners’ labor hours, examiner hourly pay rate, including
time spent for each phase of the investigation process in
gathering evidence analysis, reporting, presentation preparation
and court appearance(s).
It is important to total overall costs of all equipment and
expenses in your budget table. By making these preparations,
you are establishing
forensic readiness
. Required resources can include people; tools and technologies
such as
RAID storage
,
deployment kits
, or
imaging programs
; and budget and timeline information.
Develop a checklist. It will be included in the final
Investigation Project Plan.
In the next step, you will begin to prepare a plan for managing a
digital forensic investigation.
Step 3: Plan Your Investigation
In the prior step, you determined what resources would be
necessary for your investigation. In this step, you will develop a
plan for managing the investigation. The requirements for
writing case reports
reflect the step-by-step rigidity of the criminal investigation
process itself. Being able to articulate time, task, money, and
5. personnel requirements is essential.
Project management
is a skill set that is not often linked to digital forensics and
criminal investigations. That is unfortunate because effective
project management can have a dramatic impact on the success
and accuracy of an investigation. Identifying the tasks that need
to be performed, their sequence, and their duration are
important considerations, especially in the face of "wild cards"
such as delays in obtaining correct search warrants and
subpoenas. It is also important to have a clear understanding of
the goals for the investigation as you will likely be called upon
to present conclusions and opinions of your findings.
Your project plan should include a properly sequenced narrative
timeline and a separately labeled and sequenced Visual Graphic
Timeline chart that reflects the time intervals between each
phase of the
evidence acquisition and investigation processes
(e.g., 30 hours gathering evidence spread across five business
days, 60 hours of analysis over 10 business days, 90 days for
reporting and court preparation, etc.) including detailed time
estimates, and contingency plans. Your plan will serve many
purposes, including the assignment of a project budget. As you
create your plan, be sure to include in your meeting agenda
communications and reporting: who should be involved, how
the activities should be carried out, how often, and under what
circumstances (i.e., modality, frequency).
Once you have developed your project management plan, move
on to the next step, where you will submit your final
assignment.
Step 4: Prepare and Submit Completed Investigation Project
Plan
6. For your final assignment, you will combine the results of the
previous three steps into a single planning document—an
Investigation Project Plan—with a title page, a table of
contents, and a distinct section for each of the three steps. The
plan should include:
Forms documenting key people, meeting agenda, key activities
and reporting, key words, investigation timeline narrative,
visual graphic timeline chart, authorization confirmation (e.g.,
ownership, jurisdiction), and related investigations. Designation
of the legal forms required for criminal investigations should
also be included. (Step 1)
Resource checklist for equipment, human resources and labor
expenses (Step 2)
Management plan (Step 3)
Search and seizure form(s)
Chain of custody form
The organization and details of your plan is important. Be sure
to refer to the
Guidelines for Project 1 Investigation Project Plan
to meet the minimum standards needed for this project.
All sources of information must be appropriately referenced.
Submit your completed Investigation Project Plan to your
supervisor (instructor) for evaluation upon completion.