download the .ova file. download and install the virtual box tool. open virtual box and import the ova file . In this assignment you will work on the first steps

download the .ova file. download and install the virtual box tool. open virtual box and import the ova file . In this assignment you will work on the first steps of seizing and imaging an evidence disk. – Learning how to seize a digital evidence found on the scene of the incident – Being aware of the when handling the evidence – Filling the chain of custody and Learning its importance. – Identifying the tools, both hardware and software, required for imaging the evidence data – Preforming the imaging process which can be cloning or just imaging – Validating the created image of evidence data The XYZ security team received a notification that suspicious cyber activity is taking place in Wilson Building. Surveillance cameras showed that a person, who could be the suspect, was seen in room Wilson 106 and then he left. When the team arrived at the scene, they only found a USB drive that could have been used in implementing the suspicious activity. They decided to seize it so they can perform the needed analysis to identify its content. : Wilson 106 · [For pictures, you can use your own place if you cannot access Wilson 106] : A USB drive · [a have/use your own USB flash drive for this work. For faster performance you can use 8GB or less drives. Also, you can use SAU machines in case your machine is not powerful enough.] · [ ] [Based on: ] · [Seizing the Evidence] 1- Ensure the safety of all individuals at the scene. [ ] 2- Protect the integrity of evidence. [ ] 3- Evaluate the scene and formulate a search plan. [ ] 4- Identify potential evidence. [The USB drive given to you] 5- All potential evidence should be secured, documented, and photographed. [ ] a. For this assignment No need to secure; just document and photograph. i. In the report, the caption for photos/figures is required. 6- Conduct interviews. [ ] 7- Any item to be removed from the scene should be properly packaged and secured. [ ] · 1- Document in writing the location and condition of all removable media [ ] a. For this assignment: The only the USB drive. 2- Remove any connected external media (e.g. external drives or thumb drives) after the computer has been powered down. [ ] · 1- Document the tools you plan to use. [ ] a. For this assignment: i. Hardware [ ] 1. Tableau Forensic USB 3.0 Bridge 2. T8u: a. Firmware:1.5.0.1, Date: 10/31/2016 , Time: 11:47:27 b. Serial: 000ecc13 0008415f ii. Software. 2- List clearly the steps/work plan for creating the disk image. [ ] 3- Use snapshots for each step while creating the disk image using the distribution. [ ] a. Using hashing, Verifying the disk and the image are important [ ] 4- Use the Chain-Of-Custody (COC) document to describe the item and fill required information. [ ] a. Assume that the evidence was released to another person on the team, and fill the necessary information. · in a . [ ] o § · Case Number: ________________________ Offense: ______________________________ Submitting Officer: (Name/ID#) _______________________________________________ Victim: ______________________________________________________________________ Suspect: _____________________________________________________________________ Date/Time Seized: __________________Location of Seizure: ______________________ (Model, Serial #, Condition, Marks, Scratches) (Signature & ID#) (Signature & ID#) APD_Form_#PE003_v.1 (12/2012) Page 1 of 2 pages (See back) (Signature & ID#) (Signature & ID#)

Do you need us to help you on this or any other assignment?


Make an Order Now