OBJECTIVES
1. Articulate the complexity of and apply thinking skills to how the network and application infrastructure affects technology forensics investigations and incident response procedures.
2. Identify and apply in a forensics context the various topologies, standards, technologies and protocols employed in computer systems, including file system formats and their attributes.
3. Evaluate, select, and deploy computer forensic measures for the response, mitigation and analysis of a security incident pertaining to digital artifacts and how information was compromised.
4. Analyze and evaluate the current investigative and legal aspects of information and computer forensics including electronic discovery, deposition, litigation and corporate personnel processes.
5. Evaluate and execute the strategies, methodologies, techniques, and state-of-the-art forensics tools for the preservation of digital evidence on computer systems, network systems and other electronic devices.
6. Create tracking processes to follow the trail of electronic evidence through digital systems, including documentation, formal reporting and presentation.
OBJECTIVE 1
Slide 1: This is a project I did for one of my forensics classes where we learned about hashing and why hash values are so important for investigations.
Slide 2: This is a project I made for a network engineering class. This is a Visio document that shows the layout of a network for a small business and how I would design it.
OBJECTIVE 2
Here is a document that I have attached from my final exam for one of my forensic classes. In this assignment we were tasked with conducting an investigation on a hard drive file we were given. Within this document I go into detail about what I did for the investigation and how I was able to prove who committed the crime.
final_practical_assignment_--_solve_the_crime.docx
This document is from a project that I did for a personal security and identity protection class. In this document I highlight some ways that I made my system more secure. System hardening is a great way to make sure that when you're using your computer it is always safe and secure.
system_hardening_project.docx
OBJECTIVE 3
This document I have attached here is for a class that I am still taking so the entire plan isn't complete yet, but this is the first part of it that I did. This is a BCDR or Business Continuity, Disaster Recovery plan. In phase one of this plan I was able to identify some key threats that could shut down the business in the area that the company is operating in, within California.
bcdr_phase_1.docx
This next document I have attached for Objective 3 is from my Incident Response class. This document is what I submitted for the final assignment for that class. Within this document is an entire scenario of a company that gets hit with an attack and how I would respond to this attack in order to mitigate the threat the best way possible.
final_project.docx
OBJECTIVE 4
For Objective 4 I wanted to include a few of the papers I wrote for my Federal and International INFOSEC Standards and Regulations class. This first paper is focused on the healthcare industry. Within this document I focus specifically on HITECH and how this security framework helps keep information secure within the healthcare industry.
research_and_analysis.docx
The next document I wanted to include for objective 4 was a paper I wrote for the same class regarding security frameworks as a whole. For this paper in particular I focus on FISMA and how this framework in particular helps many companies and organizations in many different ways to stay secure.
security_frameworks.docx
OBJECTIVE 5
The first project that I felt fit objective 5 was an Evidence of Fraud assignment I did for one of my forensics classes. Within this assignment we were given a hard drive file that we had to investigate and try to find evidence that this company committed fraud when it went bankrupt. I used Autopsy and read through several emails and communications to find the evidence I needed to prove the fraud in this project. Details on that can be seen in the following document.
evidence_of_fraud.docx
The other project that I felt fit this objective was the investigation I included earlier in objective 2. This project included using FTK Imager and Autopsy to investigate a hard drive to prove a crime. I have attached the same document again below.
final_practical_assignment_--_solve_the_crime.docx
OBJECTIVE 6
The first project that I have included for objective 6 is a project I worked on where we looked at metadata from a photo and got to see how all of this metadata could be used in an investigation. The importance of metadata is that it shows us hidden information about pictures like where they were taken etc. The documentation from this project is below.
metadata_analysis.docx
In this final project I was tasked with identifying the different drive geometries that are used between all the different hard drives we have today. In the documentation attached I go into detail on all of the different drive geometries that exist today, as well as advantages and disadvantages of each.
drive_geometry.docx