PRACTICAL CONNECTION ASSIGNMENT
Professor Scott Van Nice
Original source of fact pattern:
https://resources.infosecinstitute.com/computer-forensics-investigation-case-study/
Refresher
1. A Computer Forensic investigator generally investigates the
data which could be taken from computer hard disks or any
other storage devices with adherence to standard policies and
procedures to determine if those devices have been
compromised by unauthorized access or not.
2. Computer Forensics investigators work as a team to
investigate the incident and conduct the forensic analysis by
using various methodologies (e.g. static and dynamic) and tools
(e.g. FTK or EnCase) to ensure the computer network system is
secure in an organization.
3. A successful Computer Forensic investigator must be familiar
with various laws and regulations related to computer crimes in
their country (e.g. Computer Misuse Act 1990, the UK) and
various computer operating systems (e.g. Windows, Linux) and
network operating systems (e.g. Win NT).
4. Public investigations and Private or Corporate investigations
are the two distinctive categories that fall under Computer
Forensics investigations. Public investigations will be
conducted by government agencies, and private investigations
will be conducted by a private computer forensic team.
Fact Pattern
1. A new start-up SME (small-medium enterprise) based in
Luton has recently begun to notice anomalies in its accounting
and product records.
2. This SME has also noticed that their competitors seem to be
developing products that are very similar to what they are doing
which suggests potential intellectual property theft.
3. The SME has undertaken an initial check of system log files, and
there are several suspicious entries and IP addresses with a
large amount of data being sent outside the company firewall.
4. The SME has also recently received several customer complaints
saying that there is often a strange message displayed during
order processing, and they are often re-directed to a payment
page that does not look legitimate.
5. The company makes use of a general purpose eBusiness
package (OSCommerce) and has a small team of six IT support
professionals, but they do not feel that they have the expertise
to carry out a full scale malware/forensic investigation.
6. As there is increased competition in the hi-tech domain, the
company is anxious to ensure that their systems are not being
compromised either internally or externally and they have
employed a digital forensic investigator to determine whether
any malicious activity has taken place, and to ensure that there
is no malware within their systems.
7. The company uses Windows 10 for its servers. Patches are
applied by the IT support team on a monthly basis, but the team
has noticed that a number of machines do not seem to have been
patched.
8. The company provides mobile devices (Apple iOS) to its
employees and the iPhones are considered corporate assets.
9. The company also has several employees who use non-corporate
mobile devices for work, but they are not considered
corporate assets.
10. The company uses Microsoft Exchange with an enterprise
email server environment where every employee has their own
corporate email account.
11. The company’s network is composed of routers, firewalls,
hubs, and Active Directory domain servers.
12. Many of the employees also carry tech-wearables, e.g.
FitBit, smart watches, etc., that can be plugged into a computer
via a USB port for charging and/or for data transfer.
13. The company has several employees in the United States
and several in the European Union region (EU) e.g. two of them
are in Germany.
14. Your task, as an attorney and a trained forensic investigator,
is to supervise a digital forensics investigation to see whether
you can prepare a case against the perpetrators.
15. This task may require investigating all employees including
emails, the network, mobile devices, computers, etc.
16. In addition to overseeing an investigation you are asked to
advise the company of its legal rights e.g. what the company
may or may not do especially if you are planning to collect
devices or emails.
Deliverables
Your deliverable in this assignment is a 2-page report (no more
than 3 pages please) discussing how you would approach the
following Digital Forensic Investigation. As part of this report
you should also:
1. Outline and discuss the methodology that you will use.
2. Provide a reasoned argument as to why the particular
methodology (or methodologies) chosen is relevant.
3. Identify key facts and key considerations from a
technical / forensic standpoint that the company should
take into account.
4. Identify key facts and key considerations from a
legal standpoint that the company should take into account.
5. Discuss in detail (step by step) the process that you will use
to collect evidence and discuss the relevant guidelines that need
to be followed when collecting digital evidence.
6. Be sure to back your reasoning with case law as applicable.
Scott’s Hints
1. Spend some time thinking about how you want to frame this.
2. Look at your textbooks – and the chapters covered. Perhaps
that would give you a good roadmap.
3. There are many obvious and non-obvious devices here. Spend
some time listing these, and perhaps think of others that
may be included (but were not explicitly called out).
4. Refresh your memory on the order of volatility; this may help
you prioritize.
5. Are there some potential resources that I did not include in
this fact pattern, but you think should be considered (one good
example might be capture of email accounts from the back-end,
e.g. Exchange server)?
Why did I assign you this?
Many real-world cybersecurity incidents have a lot of moving
parts, and you may be asked to quickly formulate a plan while
ensuring it has a legal foundation. This is a good exercise in
how you can learn to put everything together. In addition, I
think this might make a great interview segment for you where
you can demonstrate to a potential employer how much you
have learned!
This is also an open-ended assignment, so many of you may
approach this differently. This is fine so long as you are mindful
of the important forensic principles that we have learned
together.

MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized Group
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 

CF Investigation SME Data Breach
