CYB320_ProjectTwoSteppingStone_GlendaGoulart
School: Southern New Hampshire University
Course: CYB320
Subject: Information Systems
Date: Feb 20, 2024
Uploaded by DeanKookabura1119
Project Two Stepping Stone: Digital Forensic Investigation Exploration
I. Case Study Analysis
A. Assets Relevant for the Investigation
Cardersmarket Website: As the central platform where Max Ray Butler conducted his illegal activities and sold stolen credit card data, the Cardersmarket website is a critical asset for the investigation. It contains evidence of communication, transactions, and interactions with other individuals involved in the cybercrime.
Computer Systems and Devices: The computers and devices used by Max Ray Butler (e.g., laptops, desktops, servers) are crucial assets to examine for evidence. These systems may contain logs, files, chat communications, and other digital artifacts that could link him to the criminal activities.
Areas of Assets to be Searched for Evidence:
Cardersmarket Website: Investigators should search the website's database and logs to identify user accounts connected to Butler and track transactions involving stolen credit card data. Communication records, IP addresses, and user interactions could provide valuable evidence.
Computer Systems and Devices: Investigators should conduct a thorough search for any files related to stolen credit card data, malicious software, communication logs, and information on his aliases. Examination of internet browsing history, emails, and installed software might also yield important evidence.
B. Digital Forensic Hardware and Software Tools
Forensic Imaging Hardware: To create bit-by-bit copies of the computer systems and devices, forensic hardware tools like write-blockers and hardware imagers are necessary. These prevent any alteration of the original data during the acquisition process.
Forensic Imaging Software: Tools like EnCase or FTK Imager can be used to create forensic images of the assets, ensuring the preservation of evidence in a forensically sound manner.
Data Recovery Software: Tools like Recuva or TestDisk can be employed to recover deleted or hidden data on the computer systems and devices.
Network Traffic Analysis Tools: Investigators may use Wireshark or tcpdump to analyze network traffic associated with the Cardersmarket website and identify communication patterns.
C. Maintaining Chain of Custody
To maintain the chain of custody for the collected evidence, the following procedures should be followed:
Proper documentation: Every step of the evidence handling process, from acquisition to analysis and storage, should be thoroughly documented. This includes the date, time, location, individuals involved, and any changes made to the evidence.
Physical security: The evidence must be stored securely in a controlled environment, ensuring that only authorized personnel can access it.
Digital security: Digital evidence should be stored on write-protected media to prevent accidental modifications or contamination.
Seals and labeling: Evidence containers should be sealed, and proper labeling should be done to indicate the case, item number, and description.
II. Proactive Approaches
A. Importance of Systems Thinking Mindset
A systems thinking mindset is crucial in digital forensic investigations because cybercrimes involve complex, interconnected systems. Investigators need to understand the bigger picture and how the various components relate to each other. This mindset allows them to identify potential attack vectors, trace data flows, and comprehend the impact of their actions on the overall investigation.
B. Maintaining Data Integrity
Data integrity is paramount in digital forensic investigations, whether for court cases or non-court cases. Ensuring data integrity means that the collected evidence is complete, unaltered, and accurate. Tampering or unintentional modifications to evidence can compromise its credibility in court or render it unusable for decision-making in non-court cases.
C. Chain of Custody and Its Importance
Chain of custody refers to the chronological documentation of evidence handling, from collection to presentation in court or other legal proceedings. It is essential to establish the authenticity and reliability of evidence, demonstrating that it has not been tampered with or altered. Maintaining an unbroken chain of custody is critical to ensure the admissibility and credibility of evidence in court and to establish its probative value for non-court investigations.
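The documentation step under "Maintaining Chain of Custody" and the integrity requirement under "Maintaining Data Integrity" can be combined in one tamper-evident custody log, shown here as an added example that is not part of the original paper. The function names, handlers, locations, and the byte string standing in for a disk image are all constructed for illustration.

```python
import hashlib
import json

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def _entry_digest(entry: dict) -> str:
    # Hash every field except the digest itself, in a stable key order.
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode())

def add_entry(log: list, when: str, location: str, handler: str,
              action: str, evidence: bytes) -> dict:
    """Append one custody event, linked to the previous entry's hash."""
    entry = {
        "when": when, "location": location, "handler": handler,
        "action": action,
        "evidence_sha256": sha256_hex(evidence),
        "prev_hash": log[-1]["entry_hash"] if log else "0" * 64,
    }
    entry["entry_hash"] = _entry_digest(entry)
    log.append(entry)
    return entry

def verify_log(log: list) -> list:
    """Return a list of problems; an empty list means the chain is intact."""
    problems = []
    prev = "0" * 64
    for i, e in enumerate(log):
        if e["prev_hash"] != prev:
            problems.append(f"entry {i}: broken link to previous entry")
        if e["entry_hash"] != _entry_digest(e):
            problems.append(f"entry {i}: record edited after it was written")
        if e["evidence_sha256"] != log[0]["evidence_sha256"]:
            problems.append(f"entry {i}: evidence differs from acquisition hash")
        prev = e["entry_hash"]
    return problems

# Constructed sample data: a stand-in for a disk image and three handling events.
IMAGE = b"constructed sample bytes standing in for a forensic disk image"

def build_sample_log() -> list:
    log = []
    add_entry(log, "2024-02-01T09:00Z", "Seizure site", "Examiner A", "acquired", IMAGE)
    add_entry(log, "2024-02-01T11:30Z", "Evidence locker", "Custodian B", "stored", IMAGE)
    add_entry(log, "2024-02-03T14:00Z", "Forensics lab", "Examiner A", "analyzed", IMAGE)
    return log

if __name__ == "__main__":
    print(verify_log(build_sample_log()) or "chain of custody intact")
```

Because each entry carries the hash of the one before it, editing or deleting a record after the fact is detectable, and comparing every entry's evidence hash with the acquisition hash shows whether the image changed while in custody.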