Giters

BrandonQ3 / Digital-Forensics-Scenario

Scenario: Digital Forensics, completed a final report to present findings. Gathered evidence from an iPhone image file. Looking at WiFi and GPS info, photos and conversations, analyzed the evidence and created timestamps using autopsy.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

digitalforensicsvmautopsytimestampsazureincident-responsereportingkali-linuxnanocase-studygps-location

Digital-Forensics

In this assignment, you will continue to work with your group to continue the final report you began in class. The instructions are included here again for reference. There is also a bonus activity aimed to sharpen your skills in locating and identifying data in a forensic image.

Scenario

Just as in a real-world scenario, you will complete a final report to present your findings. You will work with your team to fill out the report.

The final report should be submitted as the homework deliverable for this week. Everything your group has completed in class should be included. What you do not finish today can be continued at home.

Use the Final Case Report Google Doc template to complete your report. Make a copy and be sure that each student has editing access. This will allow everyone in the group to access and work on the document at the same time.

  • Each group will turn in one completed report to be graded.

    • Use the following resource to help guide your work:

    • iPhone Forensics - Important Files and Databases

  • Lab Environnement

    • This homework will use the Digital Forensics - Autopsy lab in Kali Linux.

    • You will find the tracy-phone-2012-07-15.final.E01 file located in the /corpus directory in Autopsy.

Instructions You've examined and documented quite a bit of information from the iPhone image file. Now you will use that documentation to build a final report.

First, fill out the following evidence worksheet to document the case's WiFi and GPS locations. You will add this, along with the Correspondence Worksheet, to the final report.

  • Location Information Worksheet

    • Your group can look for WiFi and GPS info the following directories:

    • Find information about WiFi locations in root/Library/Caches/locationd/consolidated.db.

    • Note: Input GPS coordinates into Google Maps to see the locations.

  • Working in your group's copy of the report template, add content and details as indicated in each section.

    • You will rely on the Locations Information and Correspondence Evidence Worksheets you've completed so far. Additionally, you can use the iPhone Forensics - Important Files and Databases resource to analyze and find more information to support your case, such as Voicemails and notes from the Notepad iPhone application.

    • Be sure to add to the report the equipment and tools you used to gather and analyze the evidence.

    • For example, Autopsy, the operating system (Kali Linux), text editors (Nano), etc.

When including pictures from the iPhone, please use the time stamp of the Created time from autopsy.

Submission

Submission File National Gallery Case Report.pdf

About

Scenario: Digital Forensics, completed a final report to present findings. Gathered evidence from an iPhone image file. Looking at WiFi and GPS info, photos and conversations, analyzed the evidence and created timestamps using autopsy.

digitalforensicsvmautopsytimestampsazureincident-responsereportingkali-linuxnanocase-studygps-location