Digital Forensic Investigation

Introduction

The past few decades have shown how computer technology has taken center stage, and it is clear that it is becoming a crucial part of our day-to-day activities and is difficult to avoid. The technology is also growing rapidly, and advances are being made day in, day out, rendering earlier technology obsolete. An environment in which computer technology plays such a significant role has also led to an increase in computer crime. It is here that computer forensics stands out, both in helping to curb computer crime and in aiding the investigations related to it. Computer forensics focuses on obtaining and analyzing digital information with the aim of using it as evidence in criminal or even administrative cases.

Initial Steps in the Investigation

Gathering of even conclusions that will be made after the investigations. Anti-forensic techniques include steganography, destruction and even data alteration.

Conclusion

Digital forensic investigation will always be a challenging task for the experts conducting it, because incidents differ completely from one another. The report compiled after the investigation should be precise and detailed so that it accurately determines the damage the employee may have caused to the institution.

References

Reith, M., Carr, C., & Gunsch, G. (2002). An examination of digital forensic models. International Journal of Digital Evidence, 1(3), 1-12.

Beebe, N. L., & Clark, J. G. (2005). A hierarchical, objectives-based framework for the digital investigations process. Digital Investigation, 2(2), 147-167.

Prosise, C., Mandia, K., & Pepe, M. (2003). Incident response & computer forensics. [...]
Imagine you are a digital forensic investigator for a healthcare organization. You learn from your internal information security department that an employee has been using password-cracking software to access confidential patient health information (PHI). The account information extracted is unknown at this time, though it appears as though multiple computers were being used for the crime and it isn't clear whether an attack is currently in progress. The employee has been detained but his computers remain online.

Write a two to three (2-3) page paper in which you:

1. Develop a detailed plan to approach and secure the incident scene based on the information you have from the scenario.
2. Discuss the initial steps you would take for the investigation, depending on whether or not the attack is still in progress. Include how your actions would differ based on the current status of the incident.
3. Explicate the importance of creating an order of volatility by identifying the potential evidence that is the most volatile. Explain, in detail, how you would extract this evidence.
4. Identify the high-level steps that would be performed in collecting and analyzing the evidence. Include steps that are required, as well as what should not be done, in order to maintain the potential admissibility of evidence.
5. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

1. Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
2. Include a cover page containing the title of the assignment, the student's name, the professor's name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.