#EXAMPLE OF A LAB REPORT FILE DIGITAL FORENSICS FULL#
Computer technology is a major integral part of everyday human life, and it is growing rapidly, as are computer crimes such as financial fraud, unauthorized intrusion, identity theft and intellectual theft. To counteract those computer-related crimes, Computer Forensics plays a very important role.

“Computer Forensics involves obtaining and analysing digital information for use as evidence in civil, criminal or administrative cases (Nelson, B., et al., 2008)”.

A Computer Forensic Investigation generally investigates the data which could be taken from computer hard disks or any other storage devices with adherence to standard policies and procedures to determine if those devices have been compromised by unauthorised access or not. Computer Forensics Investigators work as a team to investigate the incident and conduct the forensic analysis by using various methodologies (e.g. ProDiscover or Encase) to ensure the computer network system is secure in an organization. A successful Computer Forensic Investigator must be familiar with various laws and regulations related to computer crimes in their country (e.g. Computer Misuse Act 1990, the UK) and various computer operating systems (e.g. Windows, Linux) and network operating systems.

According to Nelson, B., et al., (2008), Public Investigations and Private or Corporate Investigations are the two distinctive categories that fall under Computer Forensics Investigations. Public investigations will be conducted by government agencies, and private investigations will be conducted by a private computer forensic team. This report will be focused on private investigations, since an incident occurred at a new start-up SME based in Luton. This report also includes a computer investigation model, data collection and its types, evidence acquisition, forensics tools, malicious investigation, legal aspects of computer forensics, and finally this report also provides necessary recommendations, countermeasures and policies to ensure this SME will be placed in a secure network environment.

Case study

A new start-up SME (small-medium enterprise) based in Luton with an E-government model has recently begun to notice anomalies in its accounting and product records. It has undertaken an initial check of system log files, and there are a number of suspicious entries and IP addresses with a large amount of data being sent outside the company firewall. They have also recently received a number of customer complaints saying that there is often a strange message displayed during order processing, and they are often re-directed to a payment page that does not look legitimate.

The company makes use of a general purpose eBusiness package (OSCommerce) and has a small team of six IT support professionals, but they do not feel that they have the expertise to carry out a full scale malware/forensic investigation.

As there is increased competition in the hi-tech domain, the company is anxious to ensure that their systems are not being compromised, and they have employed a digital forensic investigator to determine whether any malicious activity has taken place, and to ensure that there is no malware within their systems.