First, select a real case that involves digital evidence as a major factor. It must be either a cyber (related) criminal/legal case or a cyber intrusion case. Please find the following criteria for your case selection:
• Your selected case must have taken place from the year 2012 onwards. If the case is about a
legal case, it is fine if the crime occurred before 2012, but its legal proceeding must be held in
2012 or later.
• The case description should have at least one digital-forensics tool, (Autopsy, Encase, FTK,
and/or Cellebrite preferred), explicitly mentioned in acquiring the case evidence and analyzing
key/relevant artifacts from the evidence.
Then, do write an essay of up to 1,500 words, which describes the following:
• Outline of the case and the key parties involved;
• Its digital evidence and/or digital target involved;
• How the digital evidence was gathered;
• What the most important evidence items and their features were;
• What forensics or incident-response tools and techniques used in investigating the case;
• *(If available/relevant) What priorities or errors made (if any) in the collection, preservation,
analysis or presentation of the evidence;
• *(If available/relevant) What were forensic-related disputed points or uncertainty pertinent to
the cited forensic findings in the case;
• Key lessons learned in the case, including identified bad practices (for an incident-response case)
or useful employed forensics techniques (for a digital forensics case);
• Other interesting aspects of the case, including any suggestions that can be made on the case
handling or response (if any).
To make your report easier to compose and read as well, you can have a separate section for each of the relevant points listed above. And please also use a good page layout and spacing in your favorite word processor, so that your write-up is easy to read.
*Notes:
It is fine to skip these marked sections/parts in your write-up if your selected case has no relevant
information accessible to you. Should you make any inference in your write-up, please indicate clearly about parts that are based on your actual case reports and those based on your own inference.
The following are some good sources for forensic and incident-response cases:
• Google Scholar (the “Legal case” option): https://scholar.google.com.sg/
(A useful tip: do enter relevant keywords such as forensics, Encase, FTK, registry);
• FindLaw: https://caselaw.findlaw.com/;
• EnCase Legal Journal;
• Computer Law & Security Review (academic journal);
• Digital Investigation (academic journal);
• The U.S. Dept of Justice’s Computer Crime and Intellectual Property Section (CCIPS):
https://www.justice.gov/criminal-ccips;
• Online affidavits from many US cases;
• Various threat analysis and research sites, such as:
o https://www.group-ib.com/resources/threat-research.html,
o https://redalert.nshc.net/category/threat-analysis/;
• Various news items
Do you need help with this assignment or any other? We got you! Place your order and leave the rest to our experts.