This is the preparation made for the labs and assignments for the Networked Forensics Investigation module.
You are tasked with the analysis of all of the data provided to attempt to give the investigators information along with the following:
Time frame is important. Once time frame identified, show links between the identified data
- The time, type and content of communication
- Location of the device(s) in your time frame
- Places of interest
- Identification of the perpetrator(s)
- Identification of victim(s)
You need to process the evidence.
- Photographs
- SMS
- Call registers
- CDR records
- Address Book Entries
- Location data
- Etc
When processing the evidence, consider the following:
- How accurate is the data?
- How easy is it to be tampered with?
- Would it identify a user?
- The weight it can add to an investigation
- The accuracy and ability to confirm the continuity of the evidence
Presentation Guidelines.
- Introduction covering what the “customer” has asked to be done (1 minute)
- The visualised data presented as if to the customer (6 minutes)
- Conclusions (1min)
- 2 minutes for Q&A from your tutor.
- Presentations will be recorded for the sake of external examiner approval and fairness in marking.