You are assigned as a Cyber Investigator to a Computer Crimes Unit within the Department of Homeland Security. In your role, you are responsible for responding to crime scenes to collect items of digital evidence and conducting subsequent examinations of the things ordered. Legal analysis is inherent in your position, and you are required to document your legal authority for each investigation. Today, you responded to a College Dormitory to investigate an unidentified individual downloading Child Sexual Abuse Material (CSAM). In the proceeding days, you downloaded 200 Gigabytes of known CSAM from a user over Peer2Peer software. During the download, you were able to identify the Suspect's Internet Protocol Address, as well as a Port Number. You specified the Suspect was using IP Address 71.143.70.239:8451. Subsequently, the Internet Service Provider identified that l leased the IP Address to University Dorm Rooms. After coordinating with the university Office of Technology Resources (OTR), you discovered all of the dorms utilized one outward-facing IP Address, which was then routed through various network switches in multiple buildings. OTR stated they knew nothing about the controllers except that they were installed as part of a grant by the former ISP. The current ISP denies they know the switches or how they are wired. You have been able to download CSAM from the Suspect every day since your first encounter, and I believe you can use this to identify the Suspect by tracing them through the series of Switches. You think you will need to plug into each switch to track the Suspect, but to do this, you will have to crack the password for each button and collect network data on all traffic while you wait to download content for the Suspect. Before conducting your network analysis, you take a moment to consider the legality of your identified investigation plan. You come up with the following questions that you must answer: Do your actions constitute a violation of the CFAA? Why or why not? Do the Dormitory residents have a Reasonable Expectation of Privacy in the data passing through the Network Switches? Do you require a Search Warrant to analyze the Network Traffic? With or without a Warrant, what should the scope of your Network analysis entail?
You are assigned as a Cyber Investigator to a Computer Crimes Unit within the Department of Homeland Security. In your role, you are responsible for responding to crime scenes to collect items of digital evidence and conducting subsequent examinations of the things ordered. Legal analysis is inherent in your position, and you are required to document your legal authority for each investigation.
Today, you responded to a College Dormitory to investigate an unidentified individual downloading Child Sexual Abuse Material (CSAM). In the proceeding days, you downloaded 200 Gigabytes of known CSAM from a user over Peer2Peer software. During the download, you were able to identify the Suspect's Internet Protocol Address, as well as a Port Number. You specified the Suspect was using IP Address 71.143.70.239:8451. Subsequently, the Internet Service Provider identified that l leased the IP Address to University Dorm Rooms.
After coordinating with the university Office of Technology Resources (OTR), you discovered all of the dorms utilized one outward-facing IP Address, which was then routed through various network switches in multiple buildings. OTR stated they knew nothing about the controllers except that they were installed as part of a grant by the former ISP. The current ISP denies they know the switches or how they are wired.
You have been able to download CSAM from the Suspect every day since your first encounter, and I believe you can use this to identify the Suspect by tracing them through the series of Switches. You think you will need to plug into each switch to track the Suspect, but to do this, you will have to crack the password for each button and collect network data on all traffic while you wait to download content for the Suspect.
Before conducting your network analysis, you take a moment to consider the legality of your identified investigation plan. You come up with the following questions that you must answer:
- Do your actions constitute a violation of the CFAA? Why or why not?
- Do the Dormitory residents have a Reasonable Expectation of Privacy in the data passing through the Network Switches?
- Do you require a Search Warrant to analyze the Network Traffic?
- With or without a Warrant, what should the scope of your Network analysis entail?
Trending now
This is a popular solution!
Step by step
Solved in 2 steps