SlideShare a Scribd company logo

Name ________________________________  Class ____________Dat.docx

Download as DOCX, PDF
D
dohertyjoetta

Name: ________________________________  Class: ____________Date: __________  Severe & Hazardous Weather    Active Learning Exercises – Ed 4  Exercise 17.3  Features of a Downslope Windstorm          The diagram above is a cross section through a mountain range looking west to east. The  contours shown are streamlines of wind flow. A downslope windstorm is occurring. The gray  shaded region indicates the location of clouds. On the diagram, place letters where the features  listed below are located:    A.   Chinook Wall  B.   Rotor  C.   Hydraulic Jump  D.   Breaking waves  E.   Inversion  F.   Most severe winds at surface  G.   Shooting flow  H.   Snowstorm  Name: Class: Date: Chapter 7 Data Acquisition 1 Never Work on the Original Make forensically sound copies Keep a master copy and make several working copies Calculate a hash value of each copy and make sure they match Each copy must have a unique identifier Order of Volatility RAM Temporary files Local disks External storage media Network attached storage (NAS or SAN) Archival backups Memory and Running Processes Memory can hold passwords Can be difficult to extract, but in a pinch may be all you have Running processes can identify malware running on the system Routing tables can be extracted from memory Network connections reside in RAM Capturing Memory Memory is a device Memory can be dumped into a file The amount of memory capture may be different from the amount of installed RAM Some utilities capture device cache memory Some utilities don’t capture installed RAM devoted as a device cache Memory Capture Utilities Most commercial forensic suites offer memory capture capability DD utility (both Windows and Linux) Dumpit Memoryze Memory Capture Tips Keep your memory footprint to a minimum Run from a flash drive if possible Copy memory image to an external device Make sure device capturing image can handle large files Computers today have large amounts of RAM Many USB drives continue to be formatted to FAT32 (4GB maximum file size) Memory Capture Procedures Start the documentation process Run a batch file that collects user information, network connections, time/date, and open files Collect a memory dump Copy the paging file Copy any hibernation files Media Capture Document everything Use a forensic write-blocker when copying any data Do NOT use standard copy utilities to make copies Store all images on forensically sound media Disk Image File Formats DD Images (bit-for-bit) Expert Witness Format (EWF) Advanced Forensic Format (AFF) Safeback (by NTI) ILook Imager ProDiscover File Format Chapter 6 First Response and The Digital Investigator 1 Forensics and Computer Science Just what does “forensics” mean? Suitable for presentation in court Digital forensics combines legal process with technology The job of the digital forensic investigator NEVER do harm to the investigation Acquire evidence from computer devices that can be used as evidenc.

Education
1 of 13
Name: ________________________________ Class: ________ ____Date: __________ Severe & Hazardous Weather Active Learning Exercises – Ed 4 Exercise 17.3 Features of a Downslope Windstorm The diagram above is a cross section through a mountain range l ooking west to east. The contours shown are streamlines of wind flow. A downslope win dstorm is occurring. The gray shaded region indicates the location of clouds. On the diagram, place letters where the features listed below are located: A. Chinook Wall B. Rotor C. Hydraulic Jump D. Breaking waves E. Inversion F. Most severe winds at surface
G. Shooting flow H. Snowstorm Name: Class: Date: Chapter 7 Data Acquisition 1 Never Work on the Original Make forensically sound copies Keep a master copy and make several working copies Calculate a hash value of each copy and make sure they match Each copy must have a unique identifier Order of Volatility RAM Temporary files Local disks External storage media Network attached storage (NAS or SAN) Archival backups Memory and Running Processes Memory can hold passwords
Can be difficult to extract, but in a pinch may be all you have Running processes can identify malware running on the system Routing tables can be extracted from memory Network connections reside in RAM Capturing Memory Memory is a device Memory can be dumped into a file The amount of memory capture may be different from the amount of installed RAM Some utilities capture device cache memory Some utilities don’t capture installed RAM devoted as a device cache Memory Capture Utilities Most commercial forensic suites offer memory capture capability DD utility (both Windows and Linux) Dumpit Memoryze Memory Capture Tips Keep your memory footprint to a minimum Run from a flash drive if possible Copy memory image to an external device Make sure device capturing image can handle large files Computers today have large amounts of RAM Many USB drives continue to be formatted to FAT32 (4GB maximum file size) Memory Capture Procedures
Start the documentation process Run a batch file that collects user information, network connections, time/date, and open files Collect a memory dump Copy the paging file Copy any hibernation files Media Capture Document everything Use a forensic write-blocker when copying any data Do NOT use standard copy utilities to make copies Store all images on forensically sound media Disk Image File Formats DD Images (bit-for-bit) Expert Witness Format (EWF) Advanced Forensic Format (AFF) Safeback (by NTI) ILook Imager ProDiscover File Format Chapter 6 First Response and The Digital Investigator 1 Forensics and Computer Science
Just what does “forensics” mean? Suitable for presentation in court Digital forensics combines legal process with technology The job of the digital forensic investigator NEVER do harm to the investigation Acquire evidence from computer devices that can be used as evidence Locard’s Principle If you touch it, you change it Whatever a criminal touches, there is evidence to be found Whatever an investigator touches, there is evidence to be destroyed BUT… changing the evidence does not necessarily render it unusable Characteristics of Evidence Class characteristics A large group can share the same characteristic Used to narrow the search pattern Individual characteristics A descriptive element that is unique to a sample Colors are not unique—but serial numbers are Digital Versus Physical Evidence A paper document is physical May carry fingerprints or chemical elements to analyze Will not prove who created it Will not carry metadata for further analysis A digital document has the metadata and can be traced to the owner They are not the same piece of evidence
Digital Media A paper document that is burned is gone for good A digital document that is deleted can be restored Digital sources carry evidence of the document other than the document itself File system metadata Registry entries Temporary files First on the Scene Always find out who is in charge before you begin It will never be you There might be multiple “owners” of the scene Secure the scene People’s safety first Integrity of the evidence next Identify potential sources of evidence Document the Scene Take a LOT of photographs Always carry a digital camera Try to make it a point to also carry a video camera Make an inventory of all potential devices that might contain evidence (start a chain of custody) Make notes on your observations (and remember that they can be subpoenaed) Identifying Data Sources Obvious sources Computers PDAs Cell phones
External drives CDs Other media Less obvious sources Less Obvious Sources Digital cameras and video recorders Game machines Digital audio recorders Printer/Fax machines Answering machines Owner’s manuals may point to sources not present Handling Evidence Identify and photograph the evidence Document the evidence (make, model, S/N, etc.) Package the evidence for transport Should you block signals? Should power be maintained? Transport the evidence safely and securely Store the evidence safely and securely Chain of Custody Must identify the material in a way unique to that individual item One of the most critical pieces of documentation Follows each piece of evidence around everywhere it goes Must be updated each time it moves or changes hands Documenting Evidence Where was it found?
What state was it in? What time and on what date was it collected? Give a physical description of the evidence Type of device Capacity, condition, etc. Identify make, model, S/N if applicable Packaging Evidence Protect from impact Protect from electro-magnetic radiation Protect from extreme temperature and moisture Protect from tampering Make sure it is clearly labeled Transporting Evidence Never assume that a computer is stand-alone Determine if it should remain powered up If it must be shut down, document the state of the computer before breaking it down What application was active? Running processes (if possible) Network connections (if possible) Protect portable devices and media from external corruption Storing Evidence Chain of custody rules apply to storage Log in/log out must include who, what, when, where, and why Rules of protection during transport apply equally to storage Access to storage must be limited and monitored Disposition of Evidence
When the job is done, evidence must be destroyed or returned All contraband must be destroyed, regardless of provenance Private or intellectual property may be either returned or destroyed, depending on the courts If destroyed, the material must be rendered completely unrecoverable Name: ________________________________ Class: ________ ____Date: __________ Severe & Hazardous Weather Active Learning Exercises – Ed 4 Exercise 16.2 Pressure Patterns, Wind Flow, and Mountain Sn ows The four surface maps below each show the sea level pressure distribution across the western United States on different days in January. 1. Draw arrows around the pressure systems to indicate wind direction. (The first one is done for you.) 2. Shade in the regions on each map where the wind direction is favorable for the development of snow in the mountains of the western United States. 3. If the snow would fall on the east slope of the Rockies, label it “upslope snow.”
Name: Class: Date: Text 1: Text 2: Text 3: 1.2 – Case Study Case studies are accident accounts that can provide valuable insight into how people make decisions that lead to accidents. Read the following case study (or one supplied by the instructor) and consider how the components of the AIARE DMF apply to the decisions that were made. These are not “Darwin Award” candidates. They are regular backcountry recreationists who’s decisions led to unwanted consequences. Note that while this incident affected recreational backcountry users, professionals have made similar mistakes. This story underscores the fact that all humans are capable of making poor decisions. Following the case study there is an exercise to complete. While reading, make a note of any factors outlined in the DMF that in retrospect could have alerted the group about the risk to which they were exposing themselves. How could the team have created and chosen better options for the day? How could they have increased their margin of safety and still accomplished their goals? ACCIDENT REPORT: OHIO PASS, COLORADO Date: February 25, 2001 Location: East Bowl in the Anthracite Range, 7 miles west of
Crested Butte, CO. The account below is condensed from a report written by Dale Atkins, who investigated the accident for the CAIC: The day dawned clear and cold after a 10” snowfall the day before. A group of 5 friends - two men and three women - met at the Kebler Pass trailhead and snowmobiled into the Anthracite Range, approximately 7 miles from Crested Butte, for a day of powder skiing in the backcountry. All of the group were experienced backcountry travellers familiar with the terrain, most having lived and skied in the area for 15 plus years. One member of the party was former ski patroller. Everyone had formal avalanche training and carried a transceiver, shovel and probe. The public avalanche bulletin that day reported a danger level of “moderate with pockets of considerable at or near treeline.” The bulletin also noted that backcountry skiers in the Crested Butte area had reported triggering avalanches recently but had no information about where or when the avalanches had occurred. That day, the group left early and did not access the bulletin. The day was going well as the group skied laps on 30+ degree slopes in treed and open runs generally on northern facing aspects. The snow was perfect and they experienced no cracking and saw no avalanches. There were two other groups skiing in the same area. On their last run they decided to ski “East Bowl” one of the available routes down to the snowmobiles. East Bowl, as the name implies, faces east and is a mix of treed and open slopes with a variety of terrain features such as convexities, wind rolls, small cliffs and many small trees. In general it is steeper than the terrain the group had been skiing that day with slope angles
between 25-45 degrees. At the top, the group saw two ski tracks leading into the bowl. All was progressing fine when part way down the group split up into one group of 2 and one group of 3 with the plan to meet on a shelf in the trees above the last pitch. The group of 2 (Mitch and Sue) split up with Mitch skiing to the bottom beyond the meeting point and the other, Sue, meeting the group of 3, above the last pitch, insight of the snowmobiles at the bottom. The group had voice contact with Mitch at the bottom of the run a short distance away and Sue decided to traverse over to where he had skied down. On the traverse to the slope that Mitch had descended she intersected with a steep rollover, triggered and was caught in an avalanche. Sue remained on the surface but sustained a fatal head injury and died at the scene. Crested Butte lost a cherished member of the community that day. 11 ACTIVITY: Discuss the case study and the accident summary with your group. Assume the role of an accident investigator. Using both the case study story and the accident summary, seek clues to causes of the accident. List the clues in the appropriate categories below. Choose Terrain Travel Wisely Observe
Avalanche Activity Snowpack Weather Plan Teamwork 12

Recommended

Introduction To Forensic Methodologies
Introduction To Forensic MethodologiesIntroduction To Forensic Methodologies
Introduction To Forensic MethodologiesLedjit
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 
computer forensics
computer forensicscomputer forensics
computer forensicsAkhil Kumar
 
Distribution and Environment Study
Distribution and Environment StudyDistribution and Environment Study
Distribution and Environment Studyマルセロ 白井
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsRamesh Ogania
 
Evidence Seizure Ctin Version Draft Sent To Sandy For Polishing
Evidence Seizure Ctin Version Draft Sent To Sandy For PolishingEvidence Seizure Ctin Version Draft Sent To Sandy For Polishing
Evidence Seizure Ctin Version Draft Sent To Sandy For PolishingCTIN
 
Bag and Tag
Bag and TagBag and Tag
Bag and TagCTIN
 
computer forensics
computer forensicscomputer forensics
computer forensicsAmit Singh
 

Recommended

Introduction To Forensic Methodologies
Introduction To Forensic MethodologiesIntroduction To Forensic Methodologies
Introduction To Forensic MethodologiesLedjit
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 
computer forensics
computer forensicscomputer forensics
computer forensicsAkhil Kumar
 
Distribution and Environment Study
Distribution and Environment StudyDistribution and Environment Study
Distribution and Environment Studyマルセロ 白井
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsRamesh Ogania
 
Evidence Seizure Ctin Version Draft Sent To Sandy For Polishing
Evidence Seizure Ctin Version Draft Sent To Sandy For PolishingEvidence Seizure Ctin Version Draft Sent To Sandy For Polishing
Evidence Seizure Ctin Version Draft Sent To Sandy For PolishingCTIN
 
Bag and Tag
Bag and TagBag and Tag
Bag and TagCTIN
 
computer forensics
computer forensicscomputer forensics
computer forensicsAmit Singh
 
Evidence Seizure Sandyb
Evidence Seizure SandybEvidence Seizure Sandyb
Evidence Seizure SandybCTIN
 
Evidence Seizure Ctin Version Draft
Evidence Seizure Ctin Version DraftEvidence Seizure Ctin Version Draft
Evidence Seizure Ctin Version DraftCTIN
 
AAR Investigation Of Electronic Evidence
AAR Investigation Of Electronic EvidenceAAR Investigation Of Electronic Evidence
AAR Investigation Of Electronic EvidenceJohn Jablonski
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsdeaneal
 
computerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfcomputerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfGnanavi2
 
Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDr Raghu Khimani
 
Research and discuss two operating systems and how incident response.pdf
Research and discuss two operating systems and how incident response.pdfResearch and discuss two operating systems and how incident response.pdf
Research and discuss two operating systems and how incident response.pdfoptokunal1
 
PACE-IT: Basic Forensic Concepts
PACE-IT: Basic Forensic ConceptsPACE-IT: Basic Forensic Concepts
PACE-IT: Basic Forensic ConceptsPace IT at Edmonds Community College
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics pptNikhil Mashruwala
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsDaksh Verma
 
Individual and Corporate Servant LeadersIndividual Servant Leade.docx
Individual and Corporate Servant LeadersIndividual Servant Leade.docxIndividual and Corporate Servant LeadersIndividual Servant Leade.docx
Individual and Corporate Servant LeadersIndividual Servant Leade.docxannettsparrow
 
Sound E-Discovery Collection Practices
Sound E-Discovery Collection PracticesSound E-Discovery Collection Practices
Sound E-Discovery Collection PracticesSeth Row
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
2022-05-12 Live Forensics for Law Enforcement @UniPD
2022-05-12 Live Forensics for Law Enforcement @UniPD2022-05-12 Live Forensics for Law Enforcement @UniPD
2022-05-12 Live Forensics for Law Enforcement @UniPDDavide Gabrini
 
Evidence Seizure
Evidence SeizureEvidence Seizure
Evidence SeizureCTIN
 
Sujit
SujitSujit
SujitSujit George
 
Computer Forensics Bootcamp
Computer Forensics BootcampComputer Forensics Bootcamp
Computer Forensics BootcampnCircle - a Tripwire Company
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensicspranjal dutta
 
Congregations and Safety
Congregations and SafetyCongregations and Safety
Congregations and SafetyMidAmerica Region UUA
 
Evidence Seizure Level One
Evidence Seizure Level OneEvidence Seizure Level One
Evidence Seizure Level OneCTIN
 
NETWORKING SYSTEMS .docx
NETWORKING SYSTEMS .docxNETWORKING SYSTEMS .docx
NETWORKING SYSTEMS .docxdohertyjoetta
 
NEURAL NETWORKS 3Neural NetworksName Group .docx
NEURAL NETWORKS 3Neural NetworksName Group .docxNEURAL NETWORKS 3Neural NetworksName Group .docx
NEURAL NETWORKS 3Neural NetworksName Group .docxdohertyjoetta
 

More Related Content

Similar to Name ________________________________  Class ____________Dat.docx

Evidence Seizure Sandyb
Evidence Seizure SandybEvidence Seizure Sandyb
Evidence Seizure SandybCTIN
 
Evidence Seizure Ctin Version Draft
Evidence Seizure Ctin Version DraftEvidence Seizure Ctin Version Draft
Evidence Seizure Ctin Version DraftCTIN
 
AAR Investigation Of Electronic Evidence
AAR Investigation Of Electronic EvidenceAAR Investigation Of Electronic Evidence
AAR Investigation Of Electronic EvidenceJohn Jablonski
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsdeaneal
 
computerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfcomputerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfGnanavi2
 
Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDr Raghu Khimani
 
Research and discuss two operating systems and how incident response.pdf
Research and discuss two operating systems and how incident response.pdfResearch and discuss two operating systems and how incident response.pdf
Research and discuss two operating systems and how incident response.pdfoptokunal1
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsDaksh Verma
 
Individual and Corporate Servant LeadersIndividual Servant Leade.docx
Individual and Corporate Servant LeadersIndividual Servant Leade.docxIndividual and Corporate Servant LeadersIndividual Servant Leade.docx
Individual and Corporate Servant LeadersIndividual Servant Leade.docxannettsparrow
 
Sound E-Discovery Collection Practices
Sound E-Discovery Collection PracticesSound E-Discovery Collection Practices
Sound E-Discovery Collection PracticesSeth Row
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
2022-05-12 Live Forensics for Law Enforcement @UniPD
2022-05-12 Live Forensics for Law Enforcement @UniPD2022-05-12 Live Forensics for Law Enforcement @UniPD
2022-05-12 Live Forensics for Law Enforcement @UniPDDavide Gabrini
 
Evidence Seizure
Evidence SeizureEvidence Seizure
Evidence SeizureCTIN
 
Evidence Seizure Level One
Evidence Seizure Level OneEvidence Seizure Level One
Evidence Seizure Level OneCTIN
 

Similar to Name ________________________________  Class ____________Dat.docx (20)

Evidence Seizure Sandyb
Evidence Seizure SandybEvidence Seizure Sandyb
Evidence Seizure Sandyb
 
Evidence Seizure Ctin Version Draft
Evidence Seizure Ctin Version DraftEvidence Seizure Ctin Version Draft
Evidence Seizure Ctin Version Draft
 
AAR Investigation Of Electronic Evidence
AAR Investigation Of Electronic EvidenceAAR Investigation Of Electronic Evidence
AAR Investigation Of Electronic Evidence
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
computerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfcomputerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdf
 
Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu Khimani
 
Research and discuss two operating systems and how incident response.pdf
Research and discuss two operating systems and how incident response.pdfResearch and discuss two operating systems and how incident response.pdf
Research and discuss two operating systems and how incident response.pdf
 
PACE-IT: Basic Forensic Concepts
PACE-IT: Basic Forensic ConceptsPACE-IT: Basic Forensic Concepts
PACE-IT: Basic Forensic Concepts
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
Individual and Corporate Servant LeadersIndividual Servant Leade.docx
Individual and Corporate Servant LeadersIndividual Servant Leade.docxIndividual and Corporate Servant LeadersIndividual Servant Leade.docx
Individual and Corporate Servant LeadersIndividual Servant Leade.docx
 
Sound E-Discovery Collection Practices
Sound E-Discovery Collection PracticesSound E-Discovery Collection Practices
Sound E-Discovery Collection Practices
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkit
 
2022-05-12 Live Forensics for Law Enforcement @UniPD
2022-05-12 Live Forensics for Law Enforcement @UniPD2022-05-12 Live Forensics for Law Enforcement @UniPD
2022-05-12 Live Forensics for Law Enforcement @UniPD
 
Evidence Seizure
Evidence SeizureEvidence Seizure
Evidence Seizure
 
Sujit
SujitSujit
Sujit
 
Computer Forensics Bootcamp
Computer Forensics BootcampComputer Forensics Bootcamp
Computer Forensics Bootcamp
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensics
 
Congregations and Safety
Congregations and SafetyCongregations and Safety
Congregations and Safety
 
Evidence Seizure Level One
Evidence Seizure Level OneEvidence Seizure Level One
Evidence Seizure Level One
 

More from dohertyjoetta

NETWORKING SYSTEMS .docx
NETWORKING SYSTEMS .docxNETWORKING SYSTEMS .docx
NETWORKING SYSTEMS .docxdohertyjoetta
 
NEURAL NETWORKS 3Neural NetworksName Group .docx
NEURAL NETWORKS 3Neural NetworksName Group .docxNEURAL NETWORKS 3Neural NetworksName Group .docx
NEURAL NETWORKS 3Neural NetworksName Group .docxdohertyjoetta
 
Neo-psychoanalytic approaches to personality include theorists such .docx
Neo-psychoanalytic approaches to personality include theorists such .docxNeo-psychoanalytic approaches to personality include theorists such .docx
Neo-psychoanalytic approaches to personality include theorists such .docxdohertyjoetta
 
Neoliberalism In what ways does the world of Oryx and Crake reflect.docx
Neoliberalism In what ways does the world of Oryx and Crake reflect.docxNeoliberalism In what ways does the world of Oryx and Crake reflect.docx
Neoliberalism In what ways does the world of Oryx and Crake reflect.docxdohertyjoetta
 
Negligent Tort LiabilityPrior to beginning work on this assi.docx
Negligent Tort LiabilityPrior to beginning work on this assi.docxNegligent Tort LiabilityPrior to beginning work on this assi.docx
Negligent Tort LiabilityPrior to beginning work on this assi.docxdohertyjoetta
 
Needs to be at least 250 words with at least 1 scholarly article wit.docx
Needs to be at least 250 words with at least 1 scholarly article wit.docxNeeds to be at least 250 words with at least 1 scholarly article wit.docx
Needs to be at least 250 words with at least 1 scholarly article wit.docxdohertyjoetta
 
Need to write a Research proposal for 5 to 6 pages for above top.docx
Need to write a Research proposal for 5 to 6 pages for above top.docxNeed to write a Research proposal for 5 to 6 pages for above top.docx
Need to write a Research proposal for 5 to 6 pages for above top.docxdohertyjoetta
 
New England Journal of Public Policy Reconnecting the Brok.docx
New England Journal of Public Policy Reconnecting the Brok.docxNew England Journal of Public Policy Reconnecting the Brok.docx
New England Journal of Public Policy Reconnecting the Brok.docxdohertyjoetta
 
Neuroscience meets cryptography ( This is the topic for research p.docx
Neuroscience meets cryptography ( This is the topic for research p.docxNeuroscience meets cryptography ( This is the topic for research p.docx
Neuroscience meets cryptography ( This is the topic for research p.docxdohertyjoetta
 
Network Security Essentials Applications and StandardsSixth E.docx
Network Security Essentials Applications and StandardsSixth E.docxNetwork Security Essentials Applications and StandardsSixth E.docx
Network Security Essentials Applications and StandardsSixth E.docxdohertyjoetta
 
NETW204 Class Project This project includes three phases. .docx
NETW204 Class Project This project includes three phases. .docxNETW204 Class Project This project includes three phases. .docx
NETW204 Class Project This project includes three phases. .docxdohertyjoetta
 
Network forensics is considered a very hard problem for a number of .docx
Network forensics is considered a very hard problem for a number of .docxNetwork forensics is considered a very hard problem for a number of .docx
Network forensics is considered a very hard problem for a number of .docxdohertyjoetta
 
Network Design Proposal TemplateNetwork Design Proposal.docx
Network Design Proposal TemplateNetwork Design Proposal.docxNetwork Design Proposal TemplateNetwork Design Proposal.docx
Network Design Proposal TemplateNetwork Design Proposal.docxdohertyjoetta
 
Netflix’s strategy of moving to a streaming service has been widely .docx
Netflix’s strategy of moving to a streaming service has been widely .docxNetflix’s strategy of moving to a streaming service has been widely .docx
Netflix’s strategy of moving to a streaming service has been widely .docxdohertyjoetta
 
Network DesignScenarioThe Corporation Techs’ current network.docx
Network DesignScenarioThe Corporation Techs’ current network.docxNetwork DesignScenarioThe Corporation Techs’ current network.docx
Network DesignScenarioThe Corporation Techs’ current network.docxdohertyjoetta
 
Netflix is glowing. We had a beautiful Q4,” the company preen.docx
Netflix is glowing. We had a beautiful Q4,” the company preen.docxNetflix is glowing. We had a beautiful Q4,” the company preen.docx
Netflix is glowing. We had a beautiful Q4,” the company preen.docxdohertyjoetta
 
Netflix is an American media service provider founded by Reed Hastin.docx
Netflix is an American media service provider founded by Reed Hastin.docxNetflix is an American media service provider founded by Reed Hastin.docx
Netflix is an American media service provider founded by Reed Hastin.docxdohertyjoetta
 
Nelson v. James H. Knight DDS, P.C., 834 N.W.2d 64 (Iowa 2013).docx
Nelson v. James H. Knight DDS, P.C., 834 N.W.2d 64 (Iowa 2013).docxNelson v. James H. Knight DDS, P.C., 834 N.W.2d 64 (Iowa 2013).docx
Nelson v. James H. Knight DDS, P.C., 834 N.W.2d 64 (Iowa 2013).docxdohertyjoetta
 
Negrin 1Negrin 5Claudia NegrinProfessor Oscar GonzalezENC1.docx
Negrin 1Negrin 5Claudia NegrinProfessor Oscar GonzalezENC1.docxNegrin 1Negrin 5Claudia NegrinProfessor Oscar GonzalezENC1.docx
Negrin 1Negrin 5Claudia NegrinProfessor Oscar GonzalezENC1.docxdohertyjoetta
 
Needs to be 2 pages. APA format. Tie the three interpersonal concept.docx
Needs to be 2 pages. APA format. Tie the three interpersonal concept.docxNeeds to be 2 pages. APA format. Tie the three interpersonal concept.docx
Needs to be 2 pages. APA format. Tie the three interpersonal concept.docxdohertyjoetta
 

More from dohertyjoetta (20)

NETWORKING SYSTEMS .docx
NETWORKING SYSTEMS .docxNETWORKING SYSTEMS .docx
NETWORKING SYSTEMS .docx
 
NEURAL NETWORKS 3Neural NetworksName Group .docx
NEURAL NETWORKS 3Neural NetworksName Group .docxNEURAL NETWORKS 3Neural NetworksName Group .docx
NEURAL NETWORKS 3Neural NetworksName Group .docx
 
Neo-psychoanalytic approaches to personality include theorists such .docx
Neo-psychoanalytic approaches to personality include theorists such .docxNeo-psychoanalytic approaches to personality include theorists such .docx
Neo-psychoanalytic approaches to personality include theorists such .docx
 
Neoliberalism In what ways does the world of Oryx and Crake reflect.docx
Neoliberalism In what ways does the world of Oryx and Crake reflect.docxNeoliberalism In what ways does the world of Oryx and Crake reflect.docx
Neoliberalism In what ways does the world of Oryx and Crake reflect.docx
 
Negligent Tort LiabilityPrior to beginning work on this assi.docx
Negligent Tort LiabilityPrior to beginning work on this assi.docxNegligent Tort LiabilityPrior to beginning work on this assi.docx
Negligent Tort LiabilityPrior to beginning work on this assi.docx
 
Needs to be at least 250 words with at least 1 scholarly article wit.docx
Needs to be at least 250 words with at least 1 scholarly article wit.docxNeeds to be at least 250 words with at least 1 scholarly article wit.docx
Needs to be at least 250 words with at least 1 scholarly article wit.docx
 
Need to write a Research proposal for 5 to 6 pages for above top.docx
Need to write a Research proposal for 5 to 6 pages for above top.docxNeed to write a Research proposal for 5 to 6 pages for above top.docx
Need to write a Research proposal for 5 to 6 pages for above top.docx
 
New England Journal of Public Policy Reconnecting the Brok.docx
New England Journal of Public Policy Reconnecting the Brok.docxNew England Journal of Public Policy Reconnecting the Brok.docx
New England Journal of Public Policy Reconnecting the Brok.docx
 
Neuroscience meets cryptography ( This is the topic for research p.docx
Neuroscience meets cryptography ( This is the topic for research p.docxNeuroscience meets cryptography ( This is the topic for research p.docx
Neuroscience meets cryptography ( This is the topic for research p.docx
 
Network Security Essentials Applications and StandardsSixth E.docx
Network Security Essentials Applications and StandardsSixth E.docxNetwork Security Essentials Applications and StandardsSixth E.docx
Network Security Essentials Applications and StandardsSixth E.docx
 
NETW204 Class Project This project includes three phases. .docx
NETW204 Class Project This project includes three phases. .docxNETW204 Class Project This project includes three phases. .docx
NETW204 Class Project This project includes three phases. .docx
 
Network forensics is considered a very hard problem for a number of .docx
Network forensics is considered a very hard problem for a number of .docxNetwork forensics is considered a very hard problem for a number of .docx
Network forensics is considered a very hard problem for a number of .docx
 
Network Design Proposal TemplateNetwork Design Proposal.docx
Network Design Proposal TemplateNetwork Design Proposal.docxNetwork Design Proposal TemplateNetwork Design Proposal.docx
Network Design Proposal TemplateNetwork Design Proposal.docx
 
Netflix’s strategy of moving to a streaming service has been widely .docx
Netflix’s strategy of moving to a streaming service has been widely .docxNetflix’s strategy of moving to a streaming service has been widely .docx
Netflix’s strategy of moving to a streaming service has been widely .docx
 
Network DesignScenarioThe Corporation Techs’ current network.docx
Network DesignScenarioThe Corporation Techs’ current network.docxNetwork DesignScenarioThe Corporation Techs’ current network.docx
Network DesignScenarioThe Corporation Techs’ current network.docx
 
Netflix is glowing. We had a beautiful Q4,” the company preen.docx
Netflix is glowing. We had a beautiful Q4,” the company preen.docxNetflix is glowing. We had a beautiful Q4,” the company preen.docx
Netflix is glowing. We had a beautiful Q4,” the company preen.docx
 
Netflix is an American media service provider founded by Reed Hastin.docx
Netflix is an American media service provider founded by Reed Hastin.docxNetflix is an American media service provider founded by Reed Hastin.docx
Netflix is an American media service provider founded by Reed Hastin.docx
 
Nelson v. James H. Knight DDS, P.C., 834 N.W.2d 64 (Iowa 2013).docx
Nelson v. James H. Knight DDS, P.C., 834 N.W.2d 64 (Iowa 2013).docxNelson v. James H. Knight DDS, P.C., 834 N.W.2d 64 (Iowa 2013).docx
Nelson v. James H. Knight DDS, P.C., 834 N.W.2d 64 (Iowa 2013).docx
 
Negrin 1Negrin 5Claudia NegrinProfessor Oscar GonzalezENC1.docx
Negrin 1Negrin 5Claudia NegrinProfessor Oscar GonzalezENC1.docxNegrin 1Negrin 5Claudia NegrinProfessor Oscar GonzalezENC1.docx
Negrin 1Negrin 5Claudia NegrinProfessor Oscar GonzalezENC1.docx
 
Needs to be 2 pages. APA format. Tie the three interpersonal concept.docx
Needs to be 2 pages. APA format. Tie the three interpersonal concept.docxNeeds to be 2 pages. APA format. Tie the three interpersonal concept.docx
Needs to be 2 pages. APA format. Tie the three interpersonal concept.docx
 

Recently uploaded

Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 

Recently uploaded (20)

Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 

Name ________________________________  Class ____________Dat.docx

  • 1. Name: ________________________________ Class: ________ ____Date: __________ Severe & Hazardous Weather Active Learning Exercises – Ed 4 Exercise 17.3 Features of a Downslope Windstorm The diagram above is a cross section through a mountain range l ooking west to east. The contours shown are streamlines of wind flow. A downslope win dstorm is occurring. The gray shaded region indicates the location of clouds. On the diagram, place letters where the features listed below are located: A. Chinook Wall B. Rotor C. Hydraulic Jump D. Breaking waves E. Inversion F. Most severe winds at surface
  • 2. G. Shooting flow H. Snowstorm Name: Class: Date: Chapter 7 Data Acquisition 1 Never Work on the Original Make forensically sound copies Keep a master copy and make several working copies Calculate a hash value of each copy and make sure they match Each copy must have a unique identifier Order of Volatility RAM Temporary files Local disks External storage media Network attached storage (NAS or SAN) Archival backups Memory and Running Processes Memory can hold passwords
  • 3. Can be difficult to extract, but in a pinch may be all you have Running processes can identify malware running on the system Routing tables can be extracted from memory Network connections reside in RAM Capturing Memory Memory is a device Memory can be dumped into a file The amount of memory capture may be different from the amount of installed RAM Some utilities capture device cache memory Some utilities don’t capture installed RAM devoted as a device cache Memory Capture Utilities Most commercial forensic suites offer memory capture capability DD utility (both Windows and Linux) Dumpit Memoryze Memory Capture Tips Keep your memory footprint to a minimum Run from a flash drive if possible Copy memory image to an external device Make sure device capturing image can handle large files Computers today have large amounts of RAM Many USB drives continue to be formatted to FAT32 (4GB maximum file size) Memory Capture Procedures
  • 4. Start the documentation process Run a batch file that collects user information, network connections, time/date, and open files Collect a memory dump Copy the paging file Copy any hibernation files Media Capture Document everything Use a forensic write-blocker when copying any data Do NOT use standard copy utilities to make copies Store all images on forensically sound media Disk Image File Formats DD Images (bit-for-bit) Expert Witness Format (EWF) Advanced Forensic Format (AFF) Safeback (by NTI) ILook Imager ProDiscover File Format Chapter 6 First Response and The Digital Investigator 1 Forensics and Computer Science
  • 5. Just what does “forensics” mean? Suitable for presentation in court Digital forensics combines legal process with technology The job of the digital forensic investigator NEVER do harm to the investigation Acquire evidence from computer devices that can be used as evidence Locard’s Principle If you touch it, you change it Whatever a criminal touches, there is evidence to be found Whatever an investigator touches, there is evidence to be destroyed BUT… changing the evidence does not necessarily render it unusable Characteristics of Evidence Class characteristics A large group can share the same characteristic Used to narrow the search pattern Individual characteristics A descriptive element that is unique to a sample Colors are not unique—but serial numbers are Digital Versus Physical Evidence A paper document is physical May carry fingerprints or chemical elements to analyze Will not prove who created it Will not carry metadata for further analysis A digital document has the metadata and can be traced to the owner They are not the same piece of evidence
  • 6. Digital Media A paper document that is burned is gone for good A digital document that is deleted can be restored Digital sources carry evidence of the document other than the document itself File system metadata Registry entries Temporary files First on the Scene Always find out who is in charge before you begin It will never be you There might be multiple “owners” of the scene Secure the scene People’s safety first Integrity of the evidence next Identify potential sources of evidence Document the Scene Take a LOT of photographs Always carry a digital camera Try to make it a point to also carry a video camera Make an inventory of all potential devices that might contain evidence (start a chain of custody) Make notes on your observations (and remember that they can be subpoenaed) Identifying Data Sources Obvious sources Computers PDAs Cell phones
  • 7. External drives CDs Other media Less obvious sources Less Obvious Sources Digital cameras and video recorders Game machines Digital audio recorders Printer/Fax machines Answering machines Owner’s manuals may point to sources not present Handling Evidence Identify and photograph the evidence Document the evidence (make, model, S/N, etc.) Package the evidence for transport Should you block signals? Should power be maintained? Transport the evidence safely and securely Store the evidence safely and securely Chain of Custody Must identify the material in a way unique to that individual item One of the most critical pieces of documentation Follows each piece of evidence around everywhere it goes Must be updated each time it moves or changes hands Documenting Evidence Where was it found?
  • 8. What state was it in? What time and on what date was it collected? Give a physical description of the evidence Type of device Capacity, condition, etc. Identify make, model, S/N if applicable Packaging Evidence Protect from impact Protect from electro-magnetic radiation Protect from extreme temperature and moisture Protect from tampering Make sure it is clearly labeled Transporting Evidence Never assume that a computer is stand-alone Determine if it should remain powered up If it must be shut down, document the state of the computer before breaking it down What application was active? Running processes (if possible) Network connections (if possible) Protect portable devices and media from external corruption Storing Evidence Chain of custody rules apply to storage Log in/log out must include who, what, when, where, and why Rules of protection during transport apply equally to storage Access to storage must be limited and monitored Disposition of Evidence
  • 9. When the job is done, evidence must be destroyed or returned All contraband must be destroyed, regardless of provenance Private or intellectual property may be either returned or destroyed, depending on the courts If destroyed, the material must be rendered completely unrecoverable Name: ________________________________ Class: ________ ____Date: __________ Severe & Hazardous Weather Active Learning Exercises – Ed 4 Exercise 16.2 Pressure Patterns, Wind Flow, and Mountain Sn ows The four surface maps below each show the sea level pressure distribution across the western United States on different days in January. 1. Draw arrows around the pressure systems to indicate wind direction. (The first one is done for you.) 2. Shade in the regions on each map where the wind direction is favorable for the development of snow in the mountains of the western United States. 3. If the snow would fall on the east slope of the Rockies, label it “upslope snow.”
  • 10. Name: Class: Date: Text 1: Text 2: Text 3: 1.2 – Case Study Case studies are accident accounts that can provide valuable insight into how people make decisions that lead to accidents. Read the following case study (or one supplied by the instructor) and consider how the components of the AIARE DMF apply to the decisions that were made. These are not “Darwin Award” candidates. They are regular backcountry recreationists who’s decisions led to unwanted consequences. Note that while this incident affected recreational backcountry users, professionals have made similar mistakes. This story underscores the fact that all humans are capable of making poor decisions. Following the case study there is an exercise to complete. While reading, make a note of any factors outlined in the DMF that in retrospect could have alerted the group about the risk to which they were exposing themselves. How could the team have created and chosen better options for the day? How could they have increased their margin of safety and still accomplished their goals? ACCIDENT REPORT: OHIO PASS, COLORADO Date: February 25, 2001 Location: East Bowl in the Anthracite Range, 7 miles west of
  • 11. Crested Butte, CO. The account below is condensed from a report written by Dale Atkins, who investigated the accident for the CAIC: The day dawned clear and cold after a 10” snowfall the day before. A group of 5 friends - two men and three women - met at the Kebler Pass trailhead and snowmobiled into the Anthracite Range, approximately 7 miles from Crested Butte, for a day of powder skiing in the backcountry. All of the group were experienced backcountry travellers familiar with the terrain, most having lived and skied in the area for 15 plus years. One member of the party was former ski patroller. Everyone had formal avalanche training and carried a transceiver, shovel and probe. The public avalanche bulletin that day reported a danger level of “moderate with pockets of considerable at or near treeline.” The bulletin also noted that backcountry skiers in the Crested Butte area had reported triggering avalanches recently but had no information about where or when the avalanches had occurred. That day, the group left early and did not access the bulletin. The day was going well as the group skied laps on 30+ degree slopes in treed and open runs generally on northern facing aspects. The snow was perfect and they experienced no cracking and saw no avalanches. There were two other groups skiing in the same area. On their last run they decided to ski “East Bowl” one of the available routes down to the snowmobiles. East Bowl, as the name implies, faces east and is a mix of treed and open slopes with a variety of terrain features such as convexities, wind rolls, small cliffs and many small trees. In general it is steeper than the terrain the group had been skiing that day with slope angles
  • 12. between 25-45 degrees. At the top, the group saw two ski tracks leading into the bowl. All was progressing fine when part way down the group split up into one group of 2 and one group of 3 with the plan to meet on a shelf in the trees above the last pitch. The group of 2 (Mitch and Sue) split up with Mitch skiing to the bottom beyond the meeting point and the other, Sue, meeting the group of 3, above the last pitch, insight of the snowmobiles at the bottom. The group had voice contact with Mitch at the bottom of the run a short distance away and Sue decided to traverse over to where he had skied down. On the traverse to the slope that Mitch had descended she intersected with a steep rollover, triggered and was caught in an avalanche. Sue remained on the surface but sustained a fatal head injury and died at the scene. Crested Butte lost a cherished member of the community that day. 11 ACTIVITY: Discuss the case study and the accident summary with your group. Assume the role of an accident investigator. Using both the case study story and the accident summary, seek clues to causes of the accident. List the clues in the appropriate categories below. Choose Terrain Travel Wisely Observe