Digital Forensic | My Assignment Tutor

Assessment Details and Submission GuidelinesTrimesterT1 2021Unit CodeMN624Unit TitleDigital ForensicAssessment TypeAssignment 1 T1 2021 IndividualAssessment TitleDataAcquisition, Data Analysis and Data ValidationPurpose of the assessment (with ULO Mapping)This assignment assesses the following Unit Learning Outcomes; students should be able to demonstrate their achievements in them. b) Record, administer and document digital forensics in social media.WeightAssignment 1a – 5% Assignment 1b – 10%Total Marks90Word limitMax 2000 wordsDue DateAssignment 1a – Week 3, 5:00 PM, 11/4/2021 Assignment 1b – Week 7, 5:00 PM, 5/5/2021Submission GuidelinesSubmit Assignment 1a in a word document in week 3 Submit a word document that contains the screenshots of the answers to all the questions in Assignment 1b-section 2 along with the answers for questions in Assignment 1b – Section 1 in week 7 All work must be submitted on Moodle by the due date along with a completed Assignment Cover Page. The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font, and 2 cm margins on all four sides of your page with appropriate section headings. Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style.ExtensionIf an extension of time to submit work is required, a Special Consideration Application must be submitted directly on AMS. You must submit this application three working days prior to the due date of the assignment. Further information is available at: MisconductAcademic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree. Students should make themselves familiar with the full policy and procedure available at: further information, please refer to the Academic Integrity Section in your Unit Description. Assignment Description Assignment 1 is divided into two parts. Part A focuses on recent digital forensics crime. Part B is to prepare a forensic image, forensics analysis and data validation. Assignment 1a: Recent digital forensics crime You need to research one recent digital forensics crime that requires digital forensics investigation, such as malware, embezzlement, extortion, cyberbullying, murder, kidnap, drug trafficking, intellectual property theft, espionage, employment misconduct, fraud, forgeries, inappropriate email and internet use in the workplace. Prepare a report on the following: Provide a detailed description of the case.Summary of the offence being investigated.Report who was involved in the crime, i.e. who was the criminal(s), the suspect(s) and the victim(s)?Identify and report what type of evidence was used in the criminal investigation of the case;Explain two acquisition methods that you should use in this case study.Discuss some options that can be used for preserving the data.Explain the importance of a chain of custody for digital forensic evidence. Be sure to explain the process of documenting, collecting and storing evidence from the crime scene you’re investigating (e.g. a laptop computer). Describe the consequences of not following a proper chain of custody.Critically evaluate the forensic tool(s) and discuss their capacity in various categories of functions, including acquisition, validation, and verification, extraction, reconstruction, and reporting. Assignment 1b: Data Preparation, Data Acquisition, Data Analysis and Data Validation The objective of assignment part b is to acquire data from a drive, perform data recovery using different techniques and tools, analysing it and finally performing the validation of acquired data. In addition, students are required to properly document all steps in a report, the report should be formal so that it can be used in a legal process. Prepare a report on the following sections: Section 1: Data Preparation You need a USB; it is expected to have very important information related to the case. The USB contains several Excel files, a couple of image files and some text files. You need to use your own USB to create and delete files as the following: 1. On your USB drive, create a word file named your Student ID, where the blank should be filled with your name, mobile, citizen, address and some other information. The file should contain the following sentence: “I have enrolled for MN624 Digital Forensic T1 2021.” The first blank in the sentence should be filled in with your Full name and the second blank with the date when you registered for this unit. 2. On the same drive, create an excel file named “StudentID.xls”, where the First column should be filled with your unit’s name that you had at MIT last semester and the second column should be filled with your marks with those units. 3. Modify the extension of one of the doc file to .jpeg. 4. Create a password word document. Hint. Click the File menu, select the Info tab, and then select the Protect Document button. Click Encrypt with Password. Enter your password then click OK. Enter the password again to confirm it and click OK. 5. Store your current Photo on a USB drive and save it in JPG format or other images format. 6. Take a screenshot of your Windows Explorer window showing the content of the USB’s folder hosting the three files. Include this screenshot in your final report! 7. Now delete those files including the file you have modified its extension, and then take another screenshot. Section 2: Data Acquisition Prepare a forensic image (bit stream copy) with the record of data deletion. Explain the method and tool you used for acquiring data. You will need this image to perform consecutive tasks. Use two computer forensics tools from table 1 to Acquire an Image of a USB Drive. In the report, you need to include the screenshots of each step. Section 3: Data Recovery The suspect has deleted two image files from the USB, recover the files and explain the method (with screenshots) and tool you used. Use two computer forensics tools from table 1 to Recover Deleted Images and to verify which files have changed of extension. In the report, you need to include the screenshots of each step. Section 4: Data Analysis Inspect all files in the USB, use a hex editor and analyse if there is any hidden data in files. Provide screenshots of your analysis. Discuss what techniques and tools that can be used to recover the passwords. Use one of these techniques to recover the passwords from the protected files. Section 5: Data Validation Explain different methods of data validation and use one of them to validate data on USB. Section 4: Comparison of the digital forensics tools Comparison of the digital forensics tools that you used in this work. Your comparison could include: – Digital forensics features – Time is taken to detect acquire threat – Ease of usage Table 1: Digital forensics Tools (You can choose any two tools for your demonstration with your tutor’s consent) Serial #Name of the security tool1Pro Discover Basic2FTK Imager3X-Ways Forensics4CAINE (Computer Aided Investigative Environment)5OSForensics6Autopsy7Sleuth Kit Table 1 Marking Criteria: Section to be included in the reportDescriptionMarksAssignment 1aProvide a detailed description of the caseThe importance of a chain of custody for digital forensic evidenceEvaluate the forensic tool(s) and discuss their capacity101010Assignment 1bPrepare USB as mentioned in the case studyAcquire an Image of USB DriveRecover Deleted Images and identify the files that have changed of extension.Password recovery Validation the resultsComparison of the digital forensics toolsPresentation skills and materials quality510105101010Total90 Marking Rubric for Exercise Answers Grade MarkHD 80%+D 70%-79%CR 60%-69%P 50%-59%Fail < 50%ExcellentVery GoodGoodSatisfactoryUnsatisfactoryAnalysisLogic is clear and easy to follow with strong argumentsConsistency logical and convincingMostly consistent and convincingAdequate cohesion and convictionThe argument is confused and disjointedEffort/Difficulties/ ChallengesThe presented solution demonstrated an extreme degree of difficulty that would require an expert to implement.The presented solution demonstrated a high degree of difficulty that would be an advance professional to implement.The presented solution demonstrated an average degree of difficulty that would be an average professional to implement.The presented solution demonstrated a low degree of difficulty that would be easy to implement.The presented solution demonstrated a poor degree of difficulty that would be too easy to implement.Explanation/ justificationAll elements are present and well integrated.Components present with good cohesionComponents present and mostly well integratedMost components presentLacks structure.Reference styleClear styles with an excellent source of references.Clear referencing/ styleGenerally good referencing/styleUnclear referencing/styleLacks consistency with many errorsPresentationProper writing. Professionally presentedProperly spoken, with some minor deficienciesMostly good, but some structure or presentation problemsAcceptable presentationPoor structure, careless presentation


Leave a Reply

Your email address will not be published. Required fields are marked *