CYBER FORENSICS QUESTION You are an experienced digital forensics specialist for
ID: 3911379 • Letter: C
Question
CYBER FORENSICS QUESTION
You are an experienced digital forensics specialist for an Investigation Company. The local police are investigating a man who they suspect is distributing child pornography. They have seized his laptop computer, which runs the Windows 7 operating system. The police are shorthanded and have contracted with your company to assist with the forensic investigation of the laptop.
There are several examinations you can complete on a computer running Windows 7. Before beginning any digital forensics investigation, it’s a good idea to plan your approach.
Outline the steps to be performed in examining the laptop for evidence of the crime, in order of importance. Be sure to explain why certain steps must be performed before others.
Explanation / Answer
Answer)
Digital forensic investigations (DFIs) :
This is an investigation post the occurence of the event and when there is a serious information security or criminal incidents which is caused when the PC is seized.
Steps to be followed before the digital forensic investigation are as follows:
1) Check for the policy and procedure development
So as to understand what cyber security is and how it works one should know the rules and regulations associated with it.
Hence strict guidelines and procedural activities are associated with it.
2) Retaining the information :
As informations are an integral part of the organization hence retaining those sensitive information plays a vital role.
3) Planning the response :
How would one respond to the malicious attack is a subject of concern because one never knows how it would have attacked the other.
4) Training and awareness:
This should be given prior to the event which occured and trained then well of how to respond and how to prevent.
5) Protecting the evidences and Preventing the anonymous activities:
Evidence is the only proof which would lead one to the culprit.
Hit like/ upvote if you find the answer useful. Your response is important to us and is much needed.
Hope this answer helps. Happy to help. :)