Forensic Science > Summary > Summary C840 Task 1 Forensic Lab Report Graded A+ (All)

Summary C840 Task 1 Forensic Lab Report Graded A+

Document Content and Description Below

TASK 1 FORENSIC LAB REPORT 1 Task 1 Forensic Lab Report Western Governors University TASK 1 FORENSIC LAB REPORT 2 A – Steps of Analysis To begin the investigation, I loaded the computer forensic image titled “JSmith 1GB” into the forensic examination software titled “Electronic Evidence Examiner” (see figure 1.) (figure 1) After loading the forensic image into the software, I used the “Content Analysis Wizard” to index keywords from within the file. I also used the “Content Analysis Wizard” to extract and index text that is located in graphical files. The software accomplishes this by using Optical Character Recognition to locate and identify text messages within pictures (see figure 2.) Once this process was complete, I began searching for information and files specific to the investigation. TASK 1 FORENSIC LAB REPORT 3 (figure 2) I conducted a keyword search for the word “proprietary” (see figure 3.) The keyword search was successful and I was able to locate a file titled “Fracking Water Pollution Solution – Company Proprietary.pdf” (see figure 4.) Upon opening the file, I was able to confirm that this file was proprietary information that should not have been on the computer. The file was bookmarked and added to the final forensic report. (figure 3) TASK 1 FORENSIC LAB REPORT 4 (figure 4) After locating the pdf file, I continued to search the image for evidence. I located several other notable fines of interest, including evidence that the subject had been looking at expensive vehicles and real estate (see figure 5.) Those files were also bookmarked and added to the final forensic report. (figure 5) TASK 1 FORENSIC LAB REPORT 5 Upon completion of the examination, I generated an Electronic Evidence Examiner generated report of my specific findings (please see attached report titled “Frederick Williams_000715093 for the full forensic report.) B – Incident Description According to the incident report, senior management believes that a research engineer named John Smith had illegally taken proprietary company information. (Western Governor's University, 2018) They also believe that John Smith intended to distribute that information to a rival company for financial gain. Based on the information reported to me by senior management, if John Smith has illegally taken proprietary company information, then the files should be located on the forensic image of his computer. According to the report from senior management, the proprietary information should be “clearly identified as proprietary” thus removing any ambiguity about the contents of the file. (Western Governor's University, 2018) Additionally, if John Smith is intending to distribute this information for financial gain, then the forensic image of his computer should show evidence that John Smith planned on earning and spending a large amount of money soon. A forensic examination of the image of the computer belonging to John Smith clearly shows that the proprietary company information was located on the image. It was located in the “documents” subdirectory under an account with the username “johnsmith.” The document was titled “Fracking Water Pollution Solution – Company Proprietary.pdf” (see figure 4 above as well as the attached Electronic Evidence Examiner generated report.) I also located several other notable fines of interest, including evidence that the subject had been looking at expensive vehicles and real estate. These included files titled “2014-HR-Springs-BMW-428i-M-Sport-

[Show More]

Last updated: 3 years ago

Preview 1 out of 6 pages

Buy Now

Instant download

We Accept: