SlideShare a Scribd company logo

1.0 OverviewCase Summary Example 1. On todays date,

Download as DOCX, PDF
T
TatianaMajor22

1.0 Overview/Case Summary Example: 1. On today's date, John Doe contacted my office in regards to imaging a stolen laptop computer running Windows® XP Professional that had been recovered. Doe is requesting a forensic examination to see what company documents may have been stolen by the suspect(s) and is requesting a full forensic examination and report for possible criminal charges & civil litigation. This section will vary in length. You will include any relevant information regarding what led to you as the forensic examiner/analyst becoming involved with the digital evidence. You may be just receiving the forensic image and someone else conducted the forensic acquisition and this is a good place to document that as this will correlate with your chain of custody information that you immediately started once you came into contact with the digital evidence. Remember, this is an overview and a summary of how the case was initialized and where you as the examiner/analyst became involved. 2.0 Forensic Acquisition & Exam Preparation Example: 1. On today's date I began the forensic acquisition/imaging process of the stolen laptop. Prior to imaging the stolen laptop, I photographed the laptop, documenting any identifiers (e.g., make, model, serial #), unique markings, visible damage, etc. while maintaining chain of custody. 2. Using a sterile storage media (examination medium) that had been previously forensically wiped and verified by this examiner (MD5 hash value: ed6be165b631918f3cca01eccad378dd) using ABC tool version 1.0. The MD5 hash value for the examination medium yielded the same MD5 hash value as previous forensic wipes to sterilize this media. 3. At this point, I removed the hard drive from the stolen laptop and connected it to my hardware write-blocker, which is running the most recent firmware and has been verified by this examiner. After connecting the hardware write blocker to the suspect hard drive, I connected the hardware write blocker via USB 2.0 to my forensic examination machine to begin the forensic imaging process? 4. Etc, etc. This section is very important, as you must detail your interaction with the digital evidence and the steps taken to preserve and forensically acquire the evidence. Any additional steps that you take (e.g. forensically wiping storage/examination media, etc.) should be notated in this section of your report. Remember, this section of your report is usually where you as the examiner/analyst came into contact with the digital evidence and thoroughly documenting what you have done is very important to the integrity of the digital evidence and your chain of custody. Examiner's Tip: You should have a digital camera in your forensic toolkit. Take a picture of the evidence and document each step of the forensic acquisition and preparation process. Regardless, if you include the picture in your report or as an exhibit, this picture is a perfect field note fo ...

Education
1 of 20
1.0 Overview/Case Summary Example: 1. On today's date, John Doe contacted my office in regards to imaging a stolen laptop computer running Windows® XP Professional that had been recovered. Doe is requesting a forensic examination to see what company documents may have been stolen by the suspect(s) and is requesting a full forensic examination and report for possible criminal charges & civil litigation. This section will vary in length. You will include any relevant information regarding what led to you as the forensic examiner/analyst becoming involved with the digital evidence. You may be just receiving the forensic image and someone else conducted the forensic acquisition and this is a good place to document that as this will correlate with your chain of custody information that you immediately started once you came into contact with the digital evidence. Remember, this is an overview and a summary of how the case was initialized and where you as the examiner/analyst became involved. 2.0 Forensic Acquisition & Exam Preparation Example:
1. On today's date I began the forensic acquisition/imaging process of the stolen laptop. Prior to imaging the stolen laptop, I photographed the laptop, documenting any identifiers (e.g., make, model, serial #), unique markings, visible damage, etc. while maintaining chain of custody. 2. Using a sterile storage media (examination medium) that had been previously forensically wiped and verified by this examiner (MD5 hash value: ed6be165b631918f3cca01eccad378dd) using ABC tool version 1.0. The MD5 hash value for the examination medium yielded the same MD5 hash value as previous forensic wipes to sterilize this media. 3. At this point, I removed the hard drive from the stolen laptop and connected it to my hardware write-blocker, which is running the most recent firmware and has been verified by this examiner. After connecting the hardware write blocker to the suspect hard drive, I connected the hardware write blocker via USB 2.0 to my forensic examination machine to begin the forensic imaging process? 4. Etc, etc. This section is very important, as you must detail your interaction with the digital evidence and the steps taken to preserve and forensically acquire the evidence. Any
additional steps that you take (e.g. forensically wiping storage/examination media, etc.) should be notated in this section of your report. Remember, this section of your report is usually where you as the examiner/analyst came into contact with the digital evidence and thoroughly documenting what you have done is very important to the integrity of the digital evidence and your chain of custody. Examiner's Tip: You should have a digital camera in your forensic toolkit. Take a picture of the evidence and document each step of the forensic acquisition and preparation process. Regardless, if you include the picture in your report or as an exhibit, this picture is a perfect field note for you as the examiner to reference when completing your report. • You will also need to include that you verified your forensic image and notate the hash values (e.g., MD5, SHA-1). • You will also need to briefly describe the process you used when making a working copy from the forensic image of the original evidence. 3.0 Findings and Report (Forensic Analysis) Example: 1. After completing the forensic acquisition of the stolen laptop I began analyzing
the forensic image of the stolen laptop with Forensic Tool 2. I used the following tools for forensic analysis, which are licensed to this examiner: o Guidance® Software's EnCase® 6.17 o SANS Investigative Forensic Toolkit (SIFT) Version 2.0 o Internet Evidence Finder v3.3 o RegRipper by Harlan Carvey o Microsoft® Excel 2007 3. A review of the Internet history using Internet Evidence Finder, the following data was recovered from sector 117004, which shows a Facebook email between John Doe and Jane Doe. Further analysis shows that a John Doe logged into his Google Mail account. See screenshots below: John Doe logging into Google Mail account. John Doe logging into Google Mail account. This is the most detailed section of your investigation. You will include all artifacts that you find during your analysis relating to the case. Examiner's Tip: A very good practice when you are including your evidence into your
report is to include hyperlinks within your report to link to pictures, documents, etc. Make sure you test and validate that the hyperlinks work properly so when your report is being reviewed, the reader can navigate easily to the evidence that you are including in your report. 4.0 Conclusion In this section, you are basing your conclusion off the forensic evidence. Remember, the goal of the forensic examination is to report the facts, regardless if the evidence is inculpatory or exculpatory in nature. Ref: https://www.sans.org/blog/intro-to-report-writing-for- digital-forensics/ Basic SQL Dr. Buleje Slide 6- 1 Outline
SQL Slide 6- 3 Basic SQL ord “SEQUEL” which was the original term used in the paper: “SEQUEL TO SQUARE” Slide 6- 4 SQL Data Definition, Data Types, Standards
Slide 6- 5 SQL Standards -86 or SQL 1.A. -92 is referred to as SQL-2. -1999) are divided into core specification and specialized extensions. -2006 added XML features -3 Slide 6- 6 Schema and Catalog Concepts in SQL
constructs Slide 6- 6 Schema and Catalog Concepts in SQL (cont’d.) REATE SCHEMA COMPANY AUTHORIZATION ‘Jsmith’; Slide 6- 8 The CREATE TABLE Command in SQL or
Slide 6- 9 The CREATE TABLE Command in SQL (cont’d.) Slide 6- 10 COMPANY relational database schema Slide 6- 11 One possible database state for the COMPANY relational database schema Slide 6- 12 One possible database state for the COMPANY relational database schema – continued Slide 6- 13
SQL CREATE TABLE data definition statements for defining the COMPANY schema from Figure in Slide 10 continued on next slide Slide 6- 14 SQL CREATE TABLE data definition statements for defining the COMPANY schema from Figure in Slide 10 -continued Slide 6- 15 Attribute Data Types and Domains in SQL LINT -point (real) numbers: FLOAT or REAL, and DOUBLE PRECISION
-string data types VARYING(n), CHARACTER VARYING(n) Slide 6- 17 Attribute Data Types and Domains in SQL (cont’d.) -string data types form YYYY-MM-DD
change date formats Slide 6- 18 Attribute Data Types and Domains in SQL (cont’d.) Includes the DATE and TIME fields imum of six positions for decimal fractions of seconds increment or decrement an absolute value of a date, time, or timestamp Slide 6- 19 Attribute Data Types and Domains in
SQL (cont’d.) object-oriented applications. Slide 6- 18 Specifying Constraints in SQL Basic constraints: are supported in SQL: Slide 6- 19
Basic Retrieval Queries in SQL that are identical Slide 6- 20 The SELECT-FROM-WHERE Structure of Basic SQL Queries Slide 6- 21 Basic Retrieval Queries Slide 6- 31 Basic Retrieval Queries (Contd.) Slide 6- 32
Tables as Sets in SQL query results for lause Slide 6- 38 Tables as Sets in SQL (cont’d.) EXCEPT ALL, INTERSECT ALL) Slide 6- 39 Substring Pattern Matching and Arithmetic Operators
characters LIKE ‘%Houston,TX%’; AND Dno = 5; Slide 6- 40 Arithmetic Operations –), multiplication (*), and division (/) may be included as a part of SELECT Slide 6- 27
Ordering of Query Results ORDER BY D.Dname DESC, E.Lname ASC, E.Fname ASC Slide 6- 28 INSERT, DELETE, and UPDATE Statements in SQL Slide 6- 44 The INSERT Command (examples)
the tuple. All values including nulls are supplied. a new table is loaded values from the result of a query. Slide 6- 46 The DELETE Command (examples) ect the tuples to be deleted. The number of tuples deleted will vary. Slide 6- 49 UPDATE (example) department number of project number 10 to 'Bellaire' and 5, respectively U5: UPDATE PROJECT
SET PLOCATION = 'Bellaire', DNUM = 5 WHERE PNUMBER=10 Slide 6- 51 Summary management specification, and view definition definition commands for creating tables Slide 6- 55
1.0 OverviewCase Summary Example 1. On todays date,

Recommended

Final Project Milestone One Draft of ReportTo complete this
Final Project Milestone One Draft of ReportTo complete thisFinal Project Milestone One Draft of ReportTo complete this
Final Project Milestone One Draft of ReportTo complete thisalisondakintxt
 
Please i need this paper in 6 hours. if you can make it happen, kind
Please i need this paper in 6 hours. if you can make it happen, kindPlease i need this paper in 6 hours. if you can make it happen, kind
Please i need this paper in 6 hours. if you can make it happen, kindtaminklsperaw
 
ASSIGNMENT2 Computer Architecture and Imaging So you’re telling .docx
ASSIGNMENT2 Computer Architecture and Imaging So you’re telling .docxASSIGNMENT2 Computer Architecture and Imaging So you’re telling .docx
ASSIGNMENT2 Computer Architecture and Imaging So you’re telling .docxedmondpburgess27164
 
Bb Sienna proposal
Bb Sienna proposalBb Sienna proposal
Bb Sienna proposalchristopher60
 
Strategic plan
Strategic planStrategic plan
Strategic plansarpedaniel
 
Cyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comCyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comPrescottLunt386
 
erm Paper Penetration TestingDue Week 10 and worth 120 points.docx
erm Paper Penetration TestingDue Week 10 and worth 120 points.docxerm Paper Penetration TestingDue Week 10 and worth 120 points.docx
erm Paper Penetration TestingDue Week 10 and worth 120 points.docxmealsdeidre
 
Review and utilize the information you gathered for your Annotated B.docx
Review and utilize the information you gathered for your Annotated B.docxReview and utilize the information you gathered for your Annotated B.docx
Review and utilize the information you gathered for your Annotated B.docxcarlstromcurtis
 

Recommended

Final Project Milestone One Draft of ReportTo complete this
Final Project Milestone One Draft of ReportTo complete thisFinal Project Milestone One Draft of ReportTo complete this
Final Project Milestone One Draft of ReportTo complete thisalisondakintxt
 
Please i need this paper in 6 hours. if you can make it happen, kind
Please i need this paper in 6 hours. if you can make it happen, kindPlease i need this paper in 6 hours. if you can make it happen, kind
Please i need this paper in 6 hours. if you can make it happen, kindtaminklsperaw
 
ASSIGNMENT2 Computer Architecture and Imaging So you’re telling .docx
ASSIGNMENT2 Computer Architecture and Imaging So you’re telling .docxASSIGNMENT2 Computer Architecture and Imaging So you’re telling .docx
ASSIGNMENT2 Computer Architecture and Imaging So you’re telling .docxedmondpburgess27164
 
Bb Sienna proposal
Bb Sienna proposalBb Sienna proposal
Bb Sienna proposalchristopher60
 
Strategic plan
Strategic planStrategic plan
Strategic plansarpedaniel
 
Cyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comCyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comPrescottLunt386
 
erm Paper Penetration TestingDue Week 10 and worth 120 points.docx
erm Paper Penetration TestingDue Week 10 and worth 120 points.docxerm Paper Penetration TestingDue Week 10 and worth 120 points.docx
erm Paper Penetration TestingDue Week 10 and worth 120 points.docxmealsdeidre
 
Review and utilize the information you gathered for your Annotated B.docx
Review and utilize the information you gathered for your Annotated B.docxReview and utilize the information you gathered for your Annotated B.docx
Review and utilize the information you gathered for your Annotated B.docxcarlstromcurtis
 
Scenario CharactersYou Data Security Analyst, Allied Technolog.docx
Scenario CharactersYou Data Security Analyst, Allied Technolog.docxScenario CharactersYou Data Security Analyst, Allied Technolog.docx
Scenario CharactersYou Data Security Analyst, Allied Technolog.docxtodd331
 
Nt1320 Unit 6
Nt1320 Unit 6Nt1320 Unit 6
Nt1320 Unit 6Ashley Jean
 
IFSM 310 Hardware Evaluation Report Detailed InstructionsH.docx
IFSM 310 Hardware Evaluation Report Detailed InstructionsH.docxIFSM 310 Hardware Evaluation Report Detailed InstructionsH.docx
IFSM 310 Hardware Evaluation Report Detailed InstructionsH.docxwilcockiris
 
Engl313 ada project4_slidedoc2 (1)
Engl313 ada project4_slidedoc2 (1)Engl313 ada project4_slidedoc2 (1)
Engl313 ada project4_slidedoc2 (1)KatieKrahn
 
Engl313 ada project4_slidedoc2
Engl313 ada project4_slidedoc2Engl313 ada project4_slidedoc2
Engl313 ada project4_slidedoc2ScottDorsch
 
Week10 Analysing Client Requirements
Week10 Analysing Client RequirementsWeek10 Analysing Client Requirements
Week10 Analysing Client Requirementshapy
 
9-1 Final Project One Submission Report To complete this as
9-1 Final Project One Submission Report To complete this as9-1 Final Project One Submission Report To complete this as
9-1 Final Project One Submission Report To complete this asrhetttrevannion
 
Cyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comCyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comBaileyaby
 
Cyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comCyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comrobertlesew8
 
Cyb 610 Believe Possibilities / snaptutorial.com
Cyb 610 Believe Possibilities / snaptutorial.comCyb 610 Believe Possibilities / snaptutorial.com
Cyb 610 Believe Possibilities / snaptutorial.comDavis12a
 
Csec 610 Motivated Minds/newtonhelp.com
Csec 610 Motivated Minds/newtonhelp.comCsec 610 Motivated Minds/newtonhelp.com
Csec 610 Motivated Minds/newtonhelp.comamaranthbeg52
 
Csec 610 Extraordinary Success/newtonhelp.com
Csec 610 Extraordinary Success/newtonhelp.comCsec 610 Extraordinary Success/newtonhelp.com
Csec 610 Extraordinary Success/newtonhelp.comamaranthbeg112
 
Csec 610 Education is Power/newtonhelp.com
Csec 610 Education is Power/newtonhelp.comCsec 610 Education is Power/newtonhelp.com
Csec 610 Education is Power/newtonhelp.comamaranthbeg72
 
Csec 610 Your world/newtonhelp.com
Csec 610 Your world/newtonhelp.comCsec 610 Your world/newtonhelp.com
Csec 610 Your world/newtonhelp.comamaranthbeg92
 
CYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comCYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comdonaldzs9
 
Human Face Identification
Human Face IdentificationHuman Face Identification
Human Face Identificationbhupesh lahare
 
CYB 610 Exceptional Education - snaptutorial.com
CYB 610 Exceptional Education - snaptutorial.comCYB 610 Exceptional Education - snaptutorial.com
CYB 610 Exceptional Education - snaptutorial.comDavisMurphyA98
 
Csec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comCsec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comBaileyabv
 
Case Project 1-1 Defining and Designing a NetworkThe overview.docx
Case Project 1-1 Defining and Designing a NetworkThe overview.docxCase Project 1-1 Defining and Designing a NetworkThe overview.docx
Case Project 1-1 Defining and Designing a NetworkThe overview.docxtidwellveronique
 
Corporate Public Investigations
Corporate Public InvestigationsCorporate Public Investigations
Corporate Public InvestigationsCTIN
 
Please readRobert Geraci, Russia Minorities and Empire,” in .docx
Please readRobert Geraci, Russia Minorities and Empire,” in .docxPlease readRobert Geraci, Russia Minorities and Empire,” in .docx
Please readRobert Geraci, Russia Minorities and Empire,” in .docxTatianaMajor22
 
Ford VS ChevroletThere are many reasons that make the Chevy.docx
Ford VS ChevroletThere are many reasons that make the Chevy.docxFord VS ChevroletThere are many reasons that make the Chevy.docx
Ford VS ChevroletThere are many reasons that make the Chevy.docxTatianaMajor22
 

More Related Content

Similar to 1.0 OverviewCase Summary Example 1. On todays date,

Scenario CharactersYou Data Security Analyst, Allied Technolog.docx
Scenario CharactersYou Data Security Analyst, Allied Technolog.docxScenario CharactersYou Data Security Analyst, Allied Technolog.docx
Scenario CharactersYou Data Security Analyst, Allied Technolog.docxtodd331
 
IFSM 310 Hardware Evaluation Report Detailed InstructionsH.docx
IFSM 310 Hardware Evaluation Report Detailed InstructionsH.docxIFSM 310 Hardware Evaluation Report Detailed InstructionsH.docx
IFSM 310 Hardware Evaluation Report Detailed InstructionsH.docxwilcockiris
 
Engl313 ada project4_slidedoc2 (1)
Engl313 ada project4_slidedoc2 (1)Engl313 ada project4_slidedoc2 (1)
Engl313 ada project4_slidedoc2 (1)KatieKrahn
 
Engl313 ada project4_slidedoc2
Engl313 ada project4_slidedoc2Engl313 ada project4_slidedoc2
Engl313 ada project4_slidedoc2ScottDorsch
 
Week10 Analysing Client Requirements
Week10 Analysing Client RequirementsWeek10 Analysing Client Requirements
Week10 Analysing Client Requirementshapy
 
9-1 Final Project One Submission Report To complete this as
9-1 Final Project One Submission Report To complete this as9-1 Final Project One Submission Report To complete this as
9-1 Final Project One Submission Report To complete this asrhetttrevannion
 
Cyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comCyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comBaileyaby
 
Cyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comCyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comrobertlesew8
 
Cyb 610 Believe Possibilities / snaptutorial.com
Cyb 610 Believe Possibilities / snaptutorial.comCyb 610 Believe Possibilities / snaptutorial.com
Cyb 610 Believe Possibilities / snaptutorial.comDavis12a
 
Csec 610 Motivated Minds/newtonhelp.com
Csec 610 Motivated Minds/newtonhelp.comCsec 610 Motivated Minds/newtonhelp.com
Csec 610 Motivated Minds/newtonhelp.comamaranthbeg52
 
Csec 610 Extraordinary Success/newtonhelp.com
Csec 610 Extraordinary Success/newtonhelp.comCsec 610 Extraordinary Success/newtonhelp.com
Csec 610 Extraordinary Success/newtonhelp.comamaranthbeg112
 
Csec 610 Education is Power/newtonhelp.com
Csec 610 Education is Power/newtonhelp.comCsec 610 Education is Power/newtonhelp.com
Csec 610 Education is Power/newtonhelp.comamaranthbeg72
 
Csec 610 Your world/newtonhelp.com
Csec 610 Your world/newtonhelp.comCsec 610 Your world/newtonhelp.com
Csec 610 Your world/newtonhelp.comamaranthbeg92
 
CYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comCYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comdonaldzs9
 
Human Face Identification
Human Face IdentificationHuman Face Identification
Human Face Identificationbhupesh lahare
 
CYB 610 Exceptional Education - snaptutorial.com
CYB 610 Exceptional Education - snaptutorial.comCYB 610 Exceptional Education - snaptutorial.com
CYB 610 Exceptional Education - snaptutorial.comDavisMurphyA98
 
Csec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comCsec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comBaileyabv
 
Case Project 1-1 Defining and Designing a NetworkThe overview.docx
Case Project 1-1 Defining and Designing a NetworkThe overview.docxCase Project 1-1 Defining and Designing a NetworkThe overview.docx
Case Project 1-1 Defining and Designing a NetworkThe overview.docxtidwellveronique
 
Corporate Public Investigations
Corporate Public InvestigationsCorporate Public Investigations
Corporate Public InvestigationsCTIN
 

Similar to 1.0 OverviewCase Summary Example 1. On todays date, (20)

Scenario CharactersYou Data Security Analyst, Allied Technolog.docx
Scenario CharactersYou Data Security Analyst, Allied Technolog.docxScenario CharactersYou Data Security Analyst, Allied Technolog.docx
Scenario CharactersYou Data Security Analyst, Allied Technolog.docx
 
Nt1320 Unit 6
Nt1320 Unit 6Nt1320 Unit 6
Nt1320 Unit 6
 
IFSM 310 Hardware Evaluation Report Detailed InstructionsH.docx
IFSM 310 Hardware Evaluation Report Detailed InstructionsH.docxIFSM 310 Hardware Evaluation Report Detailed InstructionsH.docx
IFSM 310 Hardware Evaluation Report Detailed InstructionsH.docx
 
Engl313 ada project4_slidedoc2 (1)
Engl313 ada project4_slidedoc2 (1)Engl313 ada project4_slidedoc2 (1)
Engl313 ada project4_slidedoc2 (1)
 
Engl313 ada project4_slidedoc2
Engl313 ada project4_slidedoc2Engl313 ada project4_slidedoc2
Engl313 ada project4_slidedoc2
 
Week10 Analysing Client Requirements
Week10 Analysing Client RequirementsWeek10 Analysing Client Requirements
Week10 Analysing Client Requirements
 
9-1 Final Project One Submission Report To complete this as
9-1 Final Project One Submission Report To complete this as9-1 Final Project One Submission Report To complete this as
9-1 Final Project One Submission Report To complete this as
 
Cyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comCyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.com
 
Cyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.comCyb 610 Education Organization-snaptutorial.com
Cyb 610 Education Organization-snaptutorial.com
 
Cyb 610 Believe Possibilities / snaptutorial.com
Cyb 610 Believe Possibilities / snaptutorial.comCyb 610 Believe Possibilities / snaptutorial.com
Cyb 610 Believe Possibilities / snaptutorial.com
 
Csec 610 Motivated Minds/newtonhelp.com
Csec 610 Motivated Minds/newtonhelp.comCsec 610 Motivated Minds/newtonhelp.com
Csec 610 Motivated Minds/newtonhelp.com
 
Csec 610 Extraordinary Success/newtonhelp.com
Csec 610 Extraordinary Success/newtonhelp.comCsec 610 Extraordinary Success/newtonhelp.com
Csec 610 Extraordinary Success/newtonhelp.com
 
Csec 610 Education is Power/newtonhelp.com
Csec 610 Education is Power/newtonhelp.comCsec 610 Education is Power/newtonhelp.com
Csec 610 Education is Power/newtonhelp.com
 
Csec 610 Your world/newtonhelp.com
Csec 610 Your world/newtonhelp.comCsec 610 Your world/newtonhelp.com
Csec 610 Your world/newtonhelp.com
 
CYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.comCYB 610 Effective Communication - snaptutorial.com
CYB 610 Effective Communication - snaptutorial.com
 
Human Face Identification
Human Face IdentificationHuman Face Identification
Human Face Identification
 
CYB 610 Exceptional Education - snaptutorial.com
CYB 610 Exceptional Education - snaptutorial.comCYB 610 Exceptional Education - snaptutorial.com
CYB 610 Exceptional Education - snaptutorial.com
 
Csec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.comCsec 610 Enhance teaching / snaptutorial.com
Csec 610 Enhance teaching / snaptutorial.com
 
Case Project 1-1 Defining and Designing a NetworkThe overview.docx
Case Project 1-1 Defining and Designing a NetworkThe overview.docxCase Project 1-1 Defining and Designing a NetworkThe overview.docx
Case Project 1-1 Defining and Designing a NetworkThe overview.docx
 
Corporate Public Investigations
Corporate Public InvestigationsCorporate Public Investigations
Corporate Public Investigations
 

More from TatianaMajor22

Please readRobert Geraci, Russia Minorities and Empire,” in .docx
Please readRobert Geraci, Russia Minorities and Empire,” in .docxPlease readRobert Geraci, Russia Minorities and Empire,” in .docx
Please readRobert Geraci, Russia Minorities and Empire,” in .docxTatianaMajor22
 
Ford VS ChevroletThere are many reasons that make the Chevy.docx
Ford VS ChevroletThere are many reasons that make the Chevy.docxFord VS ChevroletThere are many reasons that make the Chevy.docx
Ford VS ChevroletThere are many reasons that make the Chevy.docxTatianaMajor22
 
Fairness and Discipline     Weve all been disciplined at one.docx
Fairness and Discipline     Weve all been disciplined at one.docxFairness and Discipline     Weve all been disciplined at one.docx
Fairness and Discipline     Weve all been disciplined at one.docxTatianaMajor22
 
Appendix 12A Statement of Cash Flows—Direct MethodLEARNING .docx
Appendix 12A Statement of Cash Flows—Direct MethodLEARNING .docxAppendix 12A Statement of Cash Flows—Direct MethodLEARNING .docx
Appendix 12A Statement of Cash Flows—Direct MethodLEARNING .docxTatianaMajor22
 
Effects of StressProvide a 1-page description of a stressful .docx
Effects of StressProvide a 1-page description of a stressful .docxEffects of StressProvide a 1-page description of a stressful .docx
Effects of StressProvide a 1-page description of a stressful .docxTatianaMajor22
 
Design Factors NotesCIO’s Office 5 People IT Chief’s Offi.docx
Design Factors NotesCIO’s Office 5 People IT Chief’s Offi.docxDesign Factors NotesCIO’s Office 5 People IT Chief’s Offi.docx
Design Factors NotesCIO’s Office 5 People IT Chief’s Offi.docxTatianaMajor22
 
Question 12.5 pointsSaveThe OSU studies concluded that le.docx
Question 12.5 pointsSaveThe OSU studies concluded that le.docxQuestion 12.5 pointsSaveThe OSU studies concluded that le.docx
Question 12.5 pointsSaveThe OSU studies concluded that le.docxTatianaMajor22
 
Case Study 1 Questions1.     What is the allocated budget .docx
Case Study 1 Questions1.     What is the allocated budget .docxCase Study 1 Questions1.     What is the allocated budget .docx
Case Study 1 Questions1.     What is the allocated budget .docxTatianaMajor22
 
Behavior in OrganizationsIntercultural Communications Exercise .docx
Behavior in OrganizationsIntercultural Communications Exercise .docxBehavior in OrganizationsIntercultural Communications Exercise .docx
Behavior in OrganizationsIntercultural Communications Exercise .docxTatianaMajor22
 
Discussion Question Comparison of Theories on Anxiety Disord.docx
Discussion Question Comparison of Theories on Anxiety Disord.docxDiscussion Question Comparison of Theories on Anxiety Disord.docx
Discussion Question Comparison of Theories on Anxiety Disord.docxTatianaMajor22
 
I have always liked Dustin Hoffmans style of acting, in this mov.docx
I have always liked Dustin Hoffmans style of acting, in this mov.docxI have always liked Dustin Hoffmans style of acting, in this mov.docx
I have always liked Dustin Hoffmans style of acting, in this mov.docxTatianaMajor22
 
Is obedience to the law sufficient to ensure ethical behavior Wh.docx
Is obedience to the law sufficient to ensure ethical behavior Wh.docxIs obedience to the law sufficient to ensure ethical behavior Wh.docx
Is obedience to the law sufficient to ensure ethical behavior Wh.docxTatianaMajor22
 
If you are using the Blackboard Mobile Learn IOS App, please clic.docx
If you are using the Blackboard Mobile Learn IOS App, please clic.docxIf you are using the Blackboard Mobile Learn IOS App, please clic.docx
If you are using the Blackboard Mobile Learn IOS App, please clic.docxTatianaMajor22
 
Is the proliferation of social media and communication devices a .docx
Is the proliferation of social media and communication devices a .docxIs the proliferation of social media and communication devices a .docx
Is the proliferation of social media and communication devices a .docxTatianaMajor22
 
MATH 107 FINAL EXAMINATIONMULTIPLE CHOICE1. Deter.docx
MATH 107 FINAL EXAMINATIONMULTIPLE CHOICE1. Deter.docxMATH 107 FINAL EXAMINATIONMULTIPLE CHOICE1. Deter.docx
MATH 107 FINAL EXAMINATIONMULTIPLE CHOICE1. Deter.docxTatianaMajor22
 
If the CIO is to be valued as a strategic actor, how can he bring.docx
If the CIO is to be valued as a strategic actor, how can he bring.docxIf the CIO is to be valued as a strategic actor, how can he bring.docx
If the CIO is to be valued as a strategic actor, how can he bring.docxTatianaMajor22
 
I am showing below the proof of breakeven, which is fixed costs .docx
I am showing below the proof of breakeven, which is fixed costs .docxI am showing below the proof of breakeven, which is fixed costs .docx
I am showing below the proof of breakeven, which is fixed costs .docxTatianaMajor22
 
Examine the way in which death and dying are viewed at different .docx
Examine the way in which death and dying are viewed at different .docxExamine the way in which death and dying are viewed at different .docx
Examine the way in which death and dying are viewed at different .docxTatianaMajor22
 
Karimi 1 Big Picture Blog Post ​ First Draft College .docx
Karimi 1 Big Picture Blog Post ​ First Draft College .docxKarimi 1 Big Picture Blog Post ​ First Draft College .docx
Karimi 1 Big Picture Blog Post ​ First Draft College .docxTatianaMajor22
 
Please try not to use hard words Thank youWeek 3Individual.docx
Please try not to use hard words Thank youWeek 3Individual.docxPlease try not to use hard words Thank youWeek 3Individual.docx
Please try not to use hard words Thank youWeek 3Individual.docxTatianaMajor22
 

More from TatianaMajor22 (20)

Please readRobert Geraci, Russia Minorities and Empire,” in .docx
Please readRobert Geraci, Russia Minorities and Empire,” in .docxPlease readRobert Geraci, Russia Minorities and Empire,” in .docx
Please readRobert Geraci, Russia Minorities and Empire,” in .docx
 
Ford VS ChevroletThere are many reasons that make the Chevy.docx
Ford VS ChevroletThere are many reasons that make the Chevy.docxFord VS ChevroletThere are many reasons that make the Chevy.docx
Ford VS ChevroletThere are many reasons that make the Chevy.docx
 
Fairness and Discipline     Weve all been disciplined at one.docx
Fairness and Discipline     Weve all been disciplined at one.docxFairness and Discipline     Weve all been disciplined at one.docx
Fairness and Discipline     Weve all been disciplined at one.docx
 
Appendix 12A Statement of Cash Flows—Direct MethodLEARNING .docx
Appendix 12A Statement of Cash Flows—Direct MethodLEARNING .docxAppendix 12A Statement of Cash Flows—Direct MethodLEARNING .docx
Appendix 12A Statement of Cash Flows—Direct MethodLEARNING .docx
 
Effects of StressProvide a 1-page description of a stressful .docx
Effects of StressProvide a 1-page description of a stressful .docxEffects of StressProvide a 1-page description of a stressful .docx
Effects of StressProvide a 1-page description of a stressful .docx
 
Design Factors NotesCIO’s Office 5 People IT Chief’s Offi.docx
Design Factors NotesCIO’s Office 5 People IT Chief’s Offi.docxDesign Factors NotesCIO’s Office 5 People IT Chief’s Offi.docx
Design Factors NotesCIO’s Office 5 People IT Chief’s Offi.docx
 
Question 12.5 pointsSaveThe OSU studies concluded that le.docx
Question 12.5 pointsSaveThe OSU studies concluded that le.docxQuestion 12.5 pointsSaveThe OSU studies concluded that le.docx
Question 12.5 pointsSaveThe OSU studies concluded that le.docx
 
Case Study 1 Questions1.     What is the allocated budget .docx
Case Study 1 Questions1.     What is the allocated budget .docxCase Study 1 Questions1.     What is the allocated budget .docx
Case Study 1 Questions1.     What is the allocated budget .docx
 
Behavior in OrganizationsIntercultural Communications Exercise .docx
Behavior in OrganizationsIntercultural Communications Exercise .docxBehavior in OrganizationsIntercultural Communications Exercise .docx
Behavior in OrganizationsIntercultural Communications Exercise .docx
 
Discussion Question Comparison of Theories on Anxiety Disord.docx
Discussion Question Comparison of Theories on Anxiety Disord.docxDiscussion Question Comparison of Theories on Anxiety Disord.docx
Discussion Question Comparison of Theories on Anxiety Disord.docx
 
I have always liked Dustin Hoffmans style of acting, in this mov.docx
I have always liked Dustin Hoffmans style of acting, in this mov.docxI have always liked Dustin Hoffmans style of acting, in this mov.docx
I have always liked Dustin Hoffmans style of acting, in this mov.docx
 
Is obedience to the law sufficient to ensure ethical behavior Wh.docx
Is obedience to the law sufficient to ensure ethical behavior Wh.docxIs obedience to the law sufficient to ensure ethical behavior Wh.docx
Is obedience to the law sufficient to ensure ethical behavior Wh.docx
 
If you are using the Blackboard Mobile Learn IOS App, please clic.docx
If you are using the Blackboard Mobile Learn IOS App, please clic.docxIf you are using the Blackboard Mobile Learn IOS App, please clic.docx
If you are using the Blackboard Mobile Learn IOS App, please clic.docx
 
Is the proliferation of social media and communication devices a .docx
Is the proliferation of social media and communication devices a .docxIs the proliferation of social media and communication devices a .docx
Is the proliferation of social media and communication devices a .docx
 
MATH 107 FINAL EXAMINATIONMULTIPLE CHOICE1. Deter.docx
MATH 107 FINAL EXAMINATIONMULTIPLE CHOICE1. Deter.docxMATH 107 FINAL EXAMINATIONMULTIPLE CHOICE1. Deter.docx
MATH 107 FINAL EXAMINATIONMULTIPLE CHOICE1. Deter.docx
 
If the CIO is to be valued as a strategic actor, how can he bring.docx
If the CIO is to be valued as a strategic actor, how can he bring.docxIf the CIO is to be valued as a strategic actor, how can he bring.docx
If the CIO is to be valued as a strategic actor, how can he bring.docx
 
I am showing below the proof of breakeven, which is fixed costs .docx
I am showing below the proof of breakeven, which is fixed costs .docxI am showing below the proof of breakeven, which is fixed costs .docx
I am showing below the proof of breakeven, which is fixed costs .docx
 
Examine the way in which death and dying are viewed at different .docx
Examine the way in which death and dying are viewed at different .docxExamine the way in which death and dying are viewed at different .docx
Examine the way in which death and dying are viewed at different .docx
 
Karimi 1 Big Picture Blog Post ​ First Draft College .docx
Karimi 1 Big Picture Blog Post ​ First Draft College .docxKarimi 1 Big Picture Blog Post ​ First Draft College .docx
Karimi 1 Big Picture Blog Post ​ First Draft College .docx
 
Please try not to use hard words Thank youWeek 3Individual.docx
Please try not to use hard words Thank youWeek 3Individual.docxPlease try not to use hard words Thank youWeek 3Individual.docx
Please try not to use hard words Thank youWeek 3Individual.docx
 

Recently uploaded

Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Shubhangi Sonawane
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.MateoGardella
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...KokoStevan
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxPoojaSen20
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxVishalSingh1417
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 

Recently uploaded (20)

Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 

1.0 OverviewCase Summary Example 1. On todays date,

  • 1. 1.0 Overview/Case Summary Example: 1. On today's date, John Doe contacted my office in regards to imaging a stolen laptop computer running Windows® XP Professional that had been recovered. Doe is requesting a forensic examination to see what company documents may have been stolen by the suspect(s) and is requesting a full forensic examination and report for possible criminal charges & civil litigation. This section will vary in length. You will include any relevant information regarding what led to you as the forensic examiner/analyst becoming involved with the digital evidence. You may be just receiving the forensic image and someone else conducted the forensic acquisition and this is a good place to document that as this will correlate with your chain of custody information that you immediately started once you came into contact with the digital evidence. Remember, this is an overview and a summary of how the case was initialized and where you as the examiner/analyst became involved. 2.0 Forensic Acquisition & Exam Preparation Example:
  • 2. 1. On today's date I began the forensic acquisition/imaging process of the stolen laptop. Prior to imaging the stolen laptop, I photographed the laptop, documenting any identifiers (e.g., make, model, serial #), unique markings, visible damage, etc. while maintaining chain of custody. 2. Using a sterile storage media (examination medium) that had been previously forensically wiped and verified by this examiner (MD5 hash value: ed6be165b631918f3cca01eccad378dd) using ABC tool version 1.0. The MD5 hash value for the examination medium yielded the same MD5 hash value as previous forensic wipes to sterilize this media. 3. At this point, I removed the hard drive from the stolen laptop and connected it to my hardware write-blocker, which is running the most recent firmware and has been verified by this examiner. After connecting the hardware write blocker to the suspect hard drive, I connected the hardware write blocker via USB 2.0 to my forensic examination machine to begin the forensic imaging process? 4. Etc, etc. This section is very important, as you must detail your interaction with the digital evidence and the steps taken to preserve and forensically acquire the evidence. Any
  • 3. additional steps that you take (e.g. forensically wiping storage/examination media, etc.) should be notated in this section of your report. Remember, this section of your report is usually where you as the examiner/analyst came into contact with the digital evidence and thoroughly documenting what you have done is very important to the integrity of the digital evidence and your chain of custody. Examiner's Tip: You should have a digital camera in your forensic toolkit. Take a picture of the evidence and document each step of the forensic acquisition and preparation process. Regardless, if you include the picture in your report or as an exhibit, this picture is a perfect field note for you as the examiner to reference when completing your report. • You will also need to include that you verified your forensic image and notate the hash values (e.g., MD5, SHA-1). • You will also need to briefly describe the process you used when making a working copy from the forensic image of the original evidence. 3.0 Findings and Report (Forensic Analysis) Example: 1. After completing the forensic acquisition of the stolen laptop I began analyzing
  • 4. the forensic image of the stolen laptop with Forensic Tool 2. I used the following tools for forensic analysis, which are licensed to this examiner: o Guidance® Software's EnCase® 6.17 o SANS Investigative Forensic Toolkit (SIFT) Version 2.0 o Internet Evidence Finder v3.3 o RegRipper by Harlan Carvey o Microsoft® Excel 2007 3. A review of the Internet history using Internet Evidence Finder, the following data was recovered from sector 117004, which shows a Facebook email between John Doe and Jane Doe. Further analysis shows that a John Doe logged into his Google Mail account. See screenshots below: John Doe logging into Google Mail account. John Doe logging into Google Mail account. This is the most detailed section of your investigation. You will include all artifacts that you find during your analysis relating to the case. Examiner's Tip: A very good practice when you are including your evidence into your
  • 5. report is to include hyperlinks within your report to link to pictures, documents, etc. Make sure you test and validate that the hyperlinks work properly so when your report is being reviewed, the reader can navigate easily to the evidence that you are including in your report. 4.0 Conclusion In this section, you are basing your conclusion off the forensic evidence. Remember, the goal of the forensic examination is to report the facts, regardless if the evidence is inculpatory or exculpatory in nature. Ref: https://www.sans.org/blog/intro-to-report-writing-for- digital-forensics/ Basic SQL Dr. Buleje Slide 6- 1 Outline
  • 6. SQL Slide 6- 3 Basic SQL ord “SEQUEL” which was the original term used in the paper: “SEQUEL TO SQUARE” Slide 6- 4 SQL Data Definition, Data Types, Standards
  • 7. Slide 6- 5 SQL Standards -86 or SQL 1.A. -92 is referred to as SQL-2. -1999) are divided into core specification and specialized extensions. -2006 added XML features -3 Slide 6- 6 Schema and Catalog Concepts in SQL
  • 8. constructs Slide 6- 6 Schema and Catalog Concepts in SQL (cont’d.) REATE SCHEMA COMPANY AUTHORIZATION ‘Jsmith’; Slide 6- 8 The CREATE TABLE Command in SQL or
  • 9. Slide 6- 9 The CREATE TABLE Command in SQL (cont’d.) Slide 6- 10 COMPANY relational database schema Slide 6- 11 One possible database state for the COMPANY relational database schema Slide 6- 12 One possible database state for the COMPANY relational database schema – continued Slide 6- 13
  • 10. SQL CREATE TABLE data definition statements for defining the COMPANY schema from Figure in Slide 10 continued on next slide Slide 6- 14 SQL CREATE TABLE data definition statements for defining the COMPANY schema from Figure in Slide 10 -continued Slide 6- 15 Attribute Data Types and Domains in SQL LINT -point (real) numbers: FLOAT or REAL, and DOUBLE PRECISION
  • 11. -string data types VARYING(n), CHARACTER VARYING(n) Slide 6- 17 Attribute Data Types and Domains in SQL (cont’d.) -string data types form YYYY-MM-DD
  • 12. change date formats Slide 6- 18 Attribute Data Types and Domains in SQL (cont’d.) Includes the DATE and TIME fields imum of six positions for decimal fractions of seconds increment or decrement an absolute value of a date, time, or timestamp Slide 6- 19 Attribute Data Types and Domains in
  • 13. SQL (cont’d.) object-oriented applications. Slide 6- 18 Specifying Constraints in SQL Basic constraints: are supported in SQL: Slide 6- 19
  • 14. Basic Retrieval Queries in SQL that are identical Slide 6- 20 The SELECT-FROM-WHERE Structure of Basic SQL Queries Slide 6- 21 Basic Retrieval Queries Slide 6- 31 Basic Retrieval Queries (Contd.) Slide 6- 32
  • 15. Tables as Sets in SQL query results for lause Slide 6- 38 Tables as Sets in SQL (cont’d.) EXCEPT ALL, INTERSECT ALL) Slide 6- 39 Substring Pattern Matching and Arithmetic Operators
  • 16. characters LIKE ‘%Houston,TX%’; AND Dno = 5; Slide 6- 40 Arithmetic Operations –), multiplication (*), and division (/) may be included as a part of SELECT Slide 6- 27
  • 17. Ordering of Query Results ORDER BY D.Dname DESC, E.Lname ASC, E.Fname ASC Slide 6- 28 INSERT, DELETE, and UPDATE Statements in SQL Slide 6- 44 The INSERT Command (examples)
  • 18. the tuple. All values including nulls are supplied. a new table is loaded values from the result of a query. Slide 6- 46 The DELETE Command (examples) ect the tuples to be deleted. The number of tuples deleted will vary. Slide 6- 49 UPDATE (example) department number of project number 10 to 'Bellaire' and 5, respectively U5: UPDATE PROJECT
  • 19. SET PLOCATION = 'Bellaire', DNUM = 5 WHERE PNUMBER=10 Slide 6- 51 Summary management specification, and view definition definition commands for creating tables Slide 6- 55