Investigation Plan

The Case

A Digital Forensic Investigation Plan

Table of Contents

Executive Summary3

Introduction4

Background4

Discussion5

Analysis6

Methodology6

Digital Forensic is considered to be The Most Powerful Investigation Tool6

Forensic Tools7

Major Components of the Investigation8

How it differs from Other Techniques8

How Digital Evidence and Electronic Evidence Supports the Investigation9

Required Evidence10

Steps Required for the Investigation10

Conclusion12

References13

Executive Summary

Southern Stars Capital (SSC) is a global group of companies with over 12,000 employees worldwide. As an international player in the financial markets, SSC has many specific sector interests. A manager of a regional branch has contacted the Information Security Office at SSC head office with some concerns regarding his computer system. He suspects that someone has compromised his computer.

In order to investigate the issue of this branch manager, digital forensic investigation is going to be conducted. For this purpose, the Information Security Office takes this suspicion seriously. A team of auditors is formed to investigate this suspicion at the regional office. Apart from reviewing paper based company documents, the auditing team is tasked to undertake digital forensic analysis of the computer systems at the regional office. This involves gathering digital evidence from relevant desktop PC's and e-mail accounts.

Introduction

The computer forensic is the science that studies the identification, storage, protection, retrieval, documentation and various other functions of computer data processing in order to be evaluated in a legal process . In fact the most well-known digital forensics is the computer forensics, comprised of evidentiary purposes, techniques and tools for the examination methodology of computer systems, but is increasingly gaining importance due to the implementation of information technology in the process.

Digital forensics is considered to be a revolutionary technique which is comprised of various practices including achievement, revival, documentation, and analysis of information enclosed within and developed by means of computer devices and computing systems in order to find out what has happened, how it happened when it happened, and who was the main culprit. All the evidence that is gathered must be deal in such a manner that makes sure the acceptability in a court of law or other administrative procedures. Furthermore, the investigator must have the talent to present and document evidence in a logical way, clear to the layperson.

Background

The company needed a digital forensic investigation to get aware of the criminal. The successful analysis is always dependent on the correct interpretation of the available evidence. The purpose of the analysis is the visualization and analysis of the evidence, the assessment of the causes of the incident and of the way the incident occurred. The analysis is typically not on the original system, and instead requires a more secure documentation for the investigation.

Discussion

The computer forensics is the discipline that deals with the identification, preservation, analysis and documentation of the information in order to present valid digital evidence in civil and criminal proceedings. It is the approval of the Convention in the Law introduced the regulatory landscape national methodologies of Computer Forensics, with the aim of creating a common policy. Today the doctrine and case law dealing with sensitive issues such as money laundering and ...