Part 1
Developments in the world have shown how simple it is to acquire all sorts of information
through the use of computers. Today, social networking services have become a fundamental
element in people’s lives, as social networking sites are able to connect people, help them get
updates from around the globe, and also make their lives easier by providing other information.
This information can be used for a variety of endeavours, and criminal activity is a major one.
In an effort to fight this new crime wave, law enforcement agencies, financial institutions, and
investment firms are incorporating computer forensics into their infrastructure. From network
security breaches to child pornography investigations, the common bridge is the demonstration
that the particular electronic media contained the incriminating evidence. Supportive
examination procedures and protocols should be in place in order to show that the electronic
media contains the incriminating evidence. This part is due in week 9. (2,500 words)
You are a computer forensics consultants/ digital forensics investigator at UK law firm Duncan
Lewis Solicitor Company, your responsibilities will include but not limited to:
a) Good Practice Guide for Digital Evidence: Provide professional advice to staff to best
practice and procedures for investigating digital and electronic devices.
b) Initial risk assessments ensuring that the devices submitted are safe to be examined.
c) Use forensic software and hardware to capture, retrieve, recover and extract data from
mobile phones and portable devices in a forensically sound manner whilst keeping a
log of the processes used. Where necessary photograph or video record the steps of
the process.
d) Keeping a full log of steps and processes undertaken conduct thorough yet focused
digital forensic investigations on computers, and other digital devices including smart
phones for all cases.
e) Developing forensic processes, techniques and programmes in line with advancements
and changes in technology, ensuring they meet accreditation standards and integrity
for court.
f) Provide a scene response to digital investigations from the case strategy through to the
investigation into recovered digital media. Provide a complete service from the outset
of an investigation to the recovery and production of evidential reports.
g) Prepare detailed statements and case specific reports in a format suitable for intended
purpose.
h) Provide expert interpretation of evidence produced.
i) Attend court when required in the capacity of the Digital Forensic Investigator.
Page 4 of 8
[1751]
Task 1
You have been asked by the company to write a technical report to assist law enforcement
agencies and prosecutorial offices including all the above responsibilities.
(20 marks)
(LO 1, 2 &3)
Task 2
To address the complete investigation process you have to select a series of guides dealing
with digital evidence showing proper evidence handling.
The guides in the series will address the followings:
a) Design a research method (case study) that contains information about:
- The suspect
- The background and context at which the case has taken place
- The suspected criminal activities.
(5 marks)
b) Tools and techniques used to commit Cyber-Crimes (e.g. Visual disk image), including
provide professional guide to staff for how to create activities tracing disk image (i.e.
files the suspect may have deleted, overwritten, modified, etc. You can also move files
around).
(5 marks)
c) Creating a digital evidence forensic: You need to create a discussion thread in iLearn
and post - The disk image file
- The meta-data file that contains the hash values etc. of your disk image
- The case description file
You will also need to send a solution file of this case (i.e. evidences to be found and where
supported by some screenshots) to your tutor’s email. Do not publish this file to the public
discussion forum!
(10 marks)
d) Presenting digital evidence in the courtroom: You should completely and accurately
report the findings and results for a court of law explaining the suspect’s recent
activities. Analysing critically your findings, you must support your findings by some
screenshots.
(10 marks)
(LO 4)
Provide annotated screenshots along with an executive summary of the findings and a
conclusion.
Page 5 of 8
[1751]
Part 2
The main goal of designing secure networks is to manage the risks as effectively as possible,
rather than eliminating all the threats. Recently, UK law firm Duncan Lewis alerted regulatory
bodies and the National Crime Agency Action Fraud team that a data breach occurred in their
firm. According to a report in the Law Society Gazette, hackers infiltrated the IT system of the
national firm to harvest data before attempting to spread data through social media. Duncan
Lewis urged people not to open any links to Twitter accounts that may contain sensitive
information as it worked to contain the data breach. To protect their clients, the firm secured a
High Court Injunction preventing the use, publication, communication or disclosure to any other
person of any information obtained from Duncan Lewis’ IT systems. Hacking is proving a major
headache for law firms and other professional services. The Solicitors Regulation Authority,
which receives around 40 reports of confidentiality breaches each month, stresses the
importance of running the latest versions of software, in particular, browsers and operating
systems, and to keep them up to date.
You have been asked by Corporate Law Solicitor Company to build a secure network for a
company to prevent hackers from targeting your law firm. The budget, however, needs to be
justified. Thus, you will need to design the layout of users, domains, trusted domains,
anonymous users etc. This part is due in week 12. (2,500 words) - Propose the network topology for various servers and the assumed location for trusted
domains such as the location of your firewalls and Intrusion Detection Systems (IDS).
(10 marks) - List the common security assumptions in your design that lead to data theft and
financial loss
(5 marks) - Propose FIVE methods for authentication can be used in your design and justify your
design choices.
(5 marks) - Discus how secure File Transfer Protocol (FTP) services protect sensitive data from
hackers in network and suggest a mechanism to exchange files securely between users
in your design network.
(5 marks) - The evolution of the Internet has increased the need for security systems. An important
security product that has emerged is (IDS). What are the main functions of a network
IDS, and where to place it in you design?
(5 marks) - Investigate the potential security issues in your own design. In other words, criticise your
own design listing down the possible vulnerabilities it may have.
(5 marks)
Page 6 of 8
[1751] - Explain how you would measure the ROI on security for your system. You should give
examples for both tangible and intangible assets.
(5 marks) - In tips, explain how you could maintain the security to protect your mobile device if the
device is infected with malware, it may lead to hidden use of premium services, or leaking
sensitive information.
(5 marks) - How do you encrypt your data (e.g. emails, your files in the cloud and messages) against
unwelcome parties?
5 marks
(LO 5, 6 and graduate attribute)
Sample Solution
