Solved by verified expert:Please look at the following file I have developed and write more ideas and screenshoot to explain it. the subject is: The first part of the assignment is for you to create a forensics challenge for your classmates. Create an original scenario and include as much information as you can, including graphics, header information, DNS information, etc. You must have these accompanying ‘artifacts’ as clues for the investigators to follow. This is not necessarily an Internet forensics challenge, you may use any of the topics presented in this course. You must provide enough information for your fellow classmates to come up with a solution. Part of the grade for this assignment is that the challenge must be ‘do-able’. You can reference the assignment case studies as examples.
Send your challenge to your professor prior to posting. Include your solution, that is, what you expect the outcome to be. Once you get approval, post ONLY the challenge to the Challenges forum, do not post the solution.
Post your challenge to the Forensics Challenge Forum by the last day of Week 11 (earlier is better) in order to give your fellow classmates plenty of time to figure out a solution!
proposal_computer_forensic_challenge.docx
Unformatted Attachment Preview
FORENSIC CHALLENGE
Part one
Investigate a scenario where there is a suspected worker of the organization who has hacked the
servers and retrieved confidential information, which has seen the company suffer losses. The
PC suspected to be used in the hacking is IBM Lenovo 8808 Pentium D [FAT32] running a
windows 8.1 OS. You have been given the computer and with the aid of additional information
from the company’s lab, investigate whether or there was any hacking to the servers.
Additional information;
IP address 192.168.19
IBM Lenovo 8808 Pentium D [FAT32]
Processor PC 3.4GHz
Write a report on the findings of your investigation.
1
FORENSIC CHALLENGE
2
➢ Second part
FORENSIC PROCESSING AND RECORDINGS INVESTIGATOR: Idissah (210094)
FORENSIC CASE NUMBER:
Requester:
21/105/44580
PAUL MIKE
Cyber security
Offense:
Hacking of the main server
Case number:
-21/105/44580-C
Received:
October 23, 2017
Opened:
October 25th, 2017
Completed:
November 3rd, 2017
Forensic hours:
60 Hours
Os examined:
IBM Lenovo 8808 Pentium D [FAT32]
File system:
7,900MB
Processor:
PC 3.4GHz
FORENSIC CHALLENGE
3
Analyzed computer
Camom Power Shoot A1300 16MP Digital Camera with a
characteristics:
16GB SDHC card, of which 10Gb is used.
USB Memory Stick – 8GB SanDisk Pro Duo, of which 6GB is
80Gb XP Desktop Computer with 1Gb of RAM and 4 USB
ports and a 10/100Mb network card.
Camera –used.
Action taken
OCTOBER 25, 2017
At the arrival of the scene, make sure you capture all the evidence by taking pictures of the
things in the place (Maras, 2014).). The physical appearance of the computer is the next to
investigate without altering any available pieces of evidence -this technique requires a high
skilled and trained investigator to accomplish
Information from the computer suspected to be used must be recorded to exact type, and model
of the machined used to store the information about the crime this entails the model, name, hard
drives and the serial numbers of the machine of the suspect. The information on the computer
(PC) should be duplicated to another computer preferably a laptop. When a BIOS was run on the
hard drive, date and time was recorded for the exact time when the incident was being
investigated. The IP address recorded to make sure that the PC was the one with the criminal
activity. (Clarke, 2010).
FORENSIC CHALLENGE
4
After this has been done, the suspected computer is carefully sealed and stored for more
investigations.
Findings
It was determined that there were several attempts to the main server from a PC with IP address
192.168.19.
The hard drive of the PC contained files and documents of the company which were supposed to
be accessed only by the authorized personnel.
FORENSIC CHALLENGE
References
Maras, M.-H. (2014). Computer Forensics. Sudbury: Jones & Bartlett Learning, LLC.
Clarke, Nathan. (2010). Computer Forensics. IT Governance Ltd.
5
…
Purchase answer to see full
attachment
