Project 3 Digital Forensics in the Criminal Justice System

Project 3 Digital Forensics in the Criminal Justice System

After seeing you search Mr. Yourprop’s work area and
take several pieces of evidence, Ms. Maria Friend, who works
in the office across the hall, comes forward with an odd
story. Ms. Friend states that she is
Mr. Yourprop’s
fiancé, but lately things in their relationship had begun to
sour. She produces
a thumb drive she says Mr. Yourprop gave her earlier
that day. She tells
you Mr. Yourprop
told her to “keep it safe” and asked her to bring it home with
her at the end of the day. Ms. Friend tells you she
really likes her job and has no interest in being wrapped up in
whatever Mr.
Yourprop has done to invite negative attention.

1. How would you
package the thumb drive for shipment to the lab? Be specific as
to what materials you would use, and why? 
2. What would you
ask the lab to look for on the submitted thumb drive, and
why? 
3. Are there any
locations outside of Mr. Yourprop’s immediate
workspace where pertinent digital evidence might be found to
help with your intellectual property theft case? Explain
thoroughly. Now,
please assume a different character for the purpose of this
next segment of the assessment… You are a forensic examiner at
the above mentioned Makestuff Company lab. After receiving the
package from the InfoSec Specialist in the field, you sign the
chain of custody form and get set to begin your
examination.
4. How would you
protect this thumb drive prior to creating a forensic image for
examination? Why is this protection important to your overall
case? Explain thoroughly. 
5. Discuss at
least three forensic examination/analysis tools that could be
used by you or Makestuff Company’s other digital forensic
analysts to process/analyze the thumb drive you received (be
specific), ensuring you include the manufacturer of each tool
and each tool’s capabilities. Fortunately, the
InfoSec Specialist was on his/her game, and ALSO sent you
copies of several files, reported to be the source code of
“Product X”. 
6. What is
hashing, and how could you take advantage of it in this case to
attempt to determine if Mr. Yourprop’s thumb drive
contains copies of the source code? Explain thoroughly. You complete your
laboratory examination and return the evidence, with your
report, back to the InfoSec Specialist at the field
office. Now, back
at the field office, the InfoSec Specialist (a.k.a., you) receives the
report from the Makestuff Lab, which shows that the complete
“Product X” source code was found on Mr. Yourprop’s thumb
drive. In
addition, while the evidence was at the lab for examination,
you determined it is also likely that Mr. Yourprop emailed copies
of the source code to his personal email address. 
7. Do you
recommend reporting the crime to law enforcement? Why or why
not? Are private companies required to report crimes to law
enforcement? The decision is ultimately made to report the
theft to law enforcement and, using primarily the evidence you
developed during your investigation, Mr. Yourprop is brought to
trial for the crime. You (as the forensic
examiner from the Makestuff Lab) are qualified as an expert
witness and called to testify. 
8. What is the
significance of you being qualified as an expert witness? How
is it different from being a simple fact witness? Explain
thoroughly. 
9. While you are
on the stand, the defense asks you the following question based
on the fact that you write a personal blog about digital
forensics in your off-time, from which it appears you are a
staunch supporter of law enforcement. “How do we know you
were not just a “police hack” in this case, choosing to report
only what would help law enforcement and your company’s
bottom-line in this case?” 
Project Requirements: Each questions should be answered with a
minimum of 1-2 paragraphs, so do your research, be specific, be
detailed, and demonstrate your knowledge; Answers to the above
questions should be submitted in a single document (.DOC/.DOCX, .RTF, or .PDF), with answers
separated so as to make it clear which question is being
answered; The submission should have a cover page, including
course number, course title, title of paper, student’s name,
date of submission; Format: 12-point font, double-space,
one-inch margins; It is mandatory that you do some research,
and utilize outside resources! References page: APA citation
style (see https://owl.english.purdue.edu/owl/resource/560/01/
for help).

Project 3 Digital Forensics in the Criminal Justice System