Assignment Task

Details

In This Assignment, You Are Required To Analyse The Following Case Files

Write a report that details the steps taken to preserve and analyze the evidence. In your findings, you should determine whether a breach occurred or not. Explain how the breach occurred if it happened and justify your reasoning either way. In addition, you should develop a plan for preventing future breaches.

To ensure that you have achieved the learning outcomes, you are required to include your findings and recommendations following the steps below:

Task 1:

• The steps you have taken to ensure proper chain of custody for the evidence, the tools used for the investigation, and the processes you have followed to preserve the evidence (treat the files on Blackboard as original evidence files)
• The steps taken in identifying, organizing, and analyzing the evidence, and what evidence you have found
• Critically evaluate your findings using the relevant UK law and ACPO principles. As well as ways to prevent future attacks

Task 2:

Prepare a poster and deliver a 5-minute presentation of your findings following the forensic investigation you have conducted

Assessed Intended Learning Outcomes

Knowledge and Understanding

1. Communicate ideas and solutions with rational and reasoned arguments using appropriate methods (e.g., orally, electronically, written reports)

Practical, Professional or Subject-Specific Skills

1 – Critically analyze various cyber incidents and hunt for remnants of threat actors in file system, memory, and network data

2 – Analyze and document the investigation of collected evidence from emerging computing platforms