Cis 4203 Forensics Discussion 1 - Overview of Evidence
Computers and Technology
Submitted By tomb1967
Discussion 1 - Overview of Evidence Due Sunday by 11:59pm Available after May 16 at 12am
Learning Objectives and Outcomes * Determine the appropriate digital forensic analysis technique for a given scenario.
Review the information in the text sheet entitled “Overview of Evidence and Digital Forensic Analysis Techniques,” which describes different types of digital forensic analysis techniques, such as disk forensics and e-mail forensics.
Based on the information in the text sheet and in your assigned reading for this week, discuss the following scenarios and determine which type of forensic analysis technique(s) should be used, and why: 1. The Federal Trade Commission disclosed a law suit against unknown credit card fraudsters. Over 15 companies were being run by "money mules," people who transfer stolen goods or money from one country to another. The money mules were recruited via a spam e-mail message. E-mail forensics—The study of the source and content of e-mail as evidence. E-mail forensics includes the process of identifying the sender, recipient, date, time, and origination location of an e-mail message. You can use e-mail forensics to identify harassment, discrimination, or unauthorized activities. There is also a body of laws that deal with retention and storage of e-mails that are specific to certain fields, such as financial and medical.
Disk forensics—The process of acquiring and analyzing information stored on physical storage media, such as computer hard drives, smartphones, GPS systems, and removable media. Disk forensics includes both the recovery of hidden and deleted information and also the process of identifying who created a file or message. Memory & Cache, Temporary File System (i.e., swap & .tmp files) Disks and local logs (i.e., event logs), Remote log, Archived data (i.e., disks, USB drives,...