CUSTODY DIGITAL FORENSICS
Topic: CUSTODY DIGITAL FORENSICS
For the purpose of this Project, you are still the InfoSec Specialist for the Makestuff Company. Consider this project a continuation of the work you performed in Project 1.
With the scenario in mind, thoroughly answer the following questions (in paragraph format, properly citing outside research, where appropriate):
1. What permissions/authorities should you have before you search Mr. Yourprop’s former Company work area, and how would you document that authority?
2. Look at the photo of Mr. Yourprop’s work area. (See file attachment Work_Area.jpg) Identify three (3) potential items of digital evidence you see in the photo. For EACH item of digital evidence you identified, explain what potential use that item would be to your investigation (e.g., what type of data that item might hold) AND how you would collect that item as evidence (with emphasis on your care and handling of that item consistent with digital forensic best practices described in your textbook).
3. Look at the photo of Mr. Yourprop’s work area. (See file attachment Work_Area.jpg) Identify three (3) potential items of non-digital evidence you see in the photo. For EACH item of non-digital evidence you identified, explain what potential use that item would be to your investigation AND how you would collect that item as evidence.
4. Look at the Evidence Custody Document (See file attachment Evidence Custody Document.doc) and item photographs (Items-seized(pics).pptx) Read the Evidence Custody Document prepared by one of your co-workers, in which he is attempting to seize the three items pictured in the accompanying photos. Did your co-worker adequately describe each item? What could you add to the descriptions, and for which items (based on what you see in the photos), to make them more complete and serve as an example to your co-worker of what they SHOULD look like?
5. How should the items you collected as evidence be stored in your evidence room. Describe any environmental conditions or concerns for your evidence room (digital evidence can require some unique considerations!), as well any security procedures that should be in place.
Each questions should be answered with a minimum of 1-2 paragraphs, so do your research, be specific, be detailed, and demonstrate your knowledge;
Answers to the above questions should be submitted in a single document (.DOC/.DOCX, .RTF, or .PDF), with answers separated so as to make it clear which question is being answered;
The submission should have a cover page, including course number, course title, title of paper, student’s name, date of submission, and submit to the assignments folder.
Format: 12-point font, double-space, one-inch margins;
It is mandatory that you do some research, and utilize outside resources! References page: APA citation style (see https://owl.english.purdue.edu/owl/resource/560/01/ for help).