Scribd
Upload
577 views

D431 Task 1 Steps To Success

The document provides guidance on completing Task 1 which involves creating an investigative plan of action for a digital forensic investigation. It outlines six key areas to address including strategy, tools and techniques, evidence collection and preservation, evidence examination, conclusions, and presentation of findings.

Uploaded by

Allyson N Lettie
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
577 views

D431 Task 1 Steps To Success

The document provides guidance on completing Task 1 which involves creating an investigative plan of action for a digital forensic investigation. It outlines six key areas to address including strategy, tools and techniques, evidence collection and preservation, evidence examination, conclusions, and presentation of findings.

Uploaded by

Allyson N Lettie
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

STEPS TO SUCCESS DOCUMENT

C840 TASK 1

A. Create an investigative plan of action based on forensic best practices or


standards that your team will implement by doing the following:

A1: Strategy- Discuss the strategy that your team will use to both maximize the
collection of evidence and minimize the impact on the organization.

STEP 1. How will I prepare the investigation team? Will you brief the group on who, what,
when, where, and why? What is the goal?

STEP 2. How do we acquire the data? Secure the scene? Remove all unnecessary
personnel? Use of a write blocker? Data extraction tool?

Should we execute a memory acquisition on the host machine to ensure volatile data
(evidence) is preserved? What about Making a disk image of the device with hash values?
What tools are we using?

A2: Tools and Techniques- Describe the tools and techniques your team will use in
evidence gathering, preparation, and analysis.

Which forensics tools will you use? FTK? Encase?

A3: Collection and Preservation of Evidence- Describe how your team will collect and
preserve required evidence, using standardized and accepted procedures.

Have you addressed chain of custody? How will the data be housed?

https://access.wgu.edu/ASP3/aap/content/seizing_electronic_evidence.pdf
https://access.wgu.edu/ASP3/aap/content/c840_forensics_frameworks.pdf

A4: Examination of Evidence- Describe how your team will examine the seized evidence
to determine which items are related to the suspected violation of company policy.

What best practice or procedures will you use? What indicators have you received in the course
scenario that you should be looking for immediately!

A5: Approach to Drawing Conclusions- Discuss an approach that your team will use to
draw conclusions based on the digital evidence that supports the claim of a policy
violation.

Will the investigation be conducted in accordance with company policy? Will any data be
altered? Will the conclusion be based on sound evidence?
A6: Presentation of Details and Conclusions- Discuss how the case details and
conclusions should be presented to senior management.

Will the brief to senior management be highly technical in nature? Will it detail every part of the
analysis process? Will it be done via power point, etc?

Note:
TASK 1 average size is 4-6 pages. Include in-text citations for references.

THIS STEPS TO SUCCESS DOCUMENT IS DESIGNED TO HELP STUDENTS GAIN THE


NECESSARY COMPETENCY TO COMPLETE TASK ONE. HOWEVER, IT IS NOT THE DO
ALL TELL ALL. STUDENTS NEED TO ENGAGE THE PACING GUIDE AND PLANNING
RESOURCES TO ENSURE PROFICIENCY.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy