Create an account Home  ·  Topics  ·  Downloads  ·  Your Account  ·  Submit News  ·  Top 10  
Modules
· Home
· Content
· FAQ
· Forensic Downloads
· Forensics Feedback
· Forums
· Members List
· Statistics
· Surveys
· Top 10
· Topics
· Training Reviews
· Web Links
· Your Account

Our Membership

Latest: williamlucas
New Today: 0
New Yesterday: 0
Overall: 29661

Computer Forensics
This is a free and open peer to peer medium for digital and computer forensics professionals and students. Please help us maintain it by contributing and perhaps linking to us from your own website.

Recent Posts

 Puma Suede zapatos compactos a menudo usan esas sutilezas
 Software to search an FTK Lite Mounted drive with keyword
 How much can be found?
 Computer Forensic in responding to Data Breach issues
 A bunch of numbers about digital evidences collection

Computer Forensics World Forums


Pages Served
We received
59540838
page views since August 2004

Security Sources

FTC
OnGuard Online
ISO 17799 ISO 27001
ISO 27000 Toolkit
ISO 27001 & 27000
Cryptography
Security Policies

Computer Forensics World: Forums

Computer Forensics World :: View topic - Need help with this Case
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Need help with this Case

 
Post new topic   Reply to topic    Computer Forensics World Forum Index -> Digital Forensics: Getting Started
View previous topic :: View next topic  
Author Message
iSlayerdx
Newbie
Newbie


Joined: Sep 05, 2015
Posts: 2

PostPosted: Sat Sep 12, 2015 6:14 am    Post subject: Need help with this Case Reply with quote

Hello all! I am doing this case project for my CMNW 121 class and I am stuck at this part. This case says that a bank has hired my private firm to investigate employee fraud, the bank uses four 20 TB machines on a LAN and I am permitted to talk to the Network Administrator who is familiar with where the data is stored. What diplomatic strategies should I use? Which acquisition method should I use? I was personally thinking about using ProDiscover Basic as my tool (since at least 1 tool is required) but I am not yet sure how to go about this case yet. I figured I would ask here before I made a mistake. Thanks in advance!
Back to top
View user's profile
PreferredUser
Newbie
Newbie


Joined: Jan 01, 2007
Posts: 1130
Location: USA

PostPosted: Sun Sep 13, 2015 12:34 pm    Post subject: Reply with quote

Quote:
What diplomatic strategies should I use?
Do you believe the Network Admin to be a subject of the investigation? That would be a determining factor in how you treat them.

Quote:
Which acquisition method should I use?
Are all the computers at a single location? What state are the computers in (on/off)? Do you believe a live acquisition will be beneficial? There are a lot of questions to consider.

Quote:
I was personally thinking about using ProDiscover Basic as my tool (since at least 1 tool is required) but I am not yet sure how to go about this case yet.
What tool or tools are you proficient using? If you said you wanted to setup EnCase Enterprise and image the computers over the network but you had never used it, or you were going to setup a server with network shares and boot from a Linux environment but are not comfortable at the command line, I would ask why you are choosing those tools. The best tool is the human running the tool.

You have a lot of questions to ask yourself before proceeding.
Back to top
View user's profile
Display posts from previous:   
Post new topic   Reply to topic    Computer Forensics World Forum Index -> Digital Forensics: Getting Started All times are GMT + 10 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Powered by phpBB 2.0.10 © 2001 phpBB Group
phpBB port v2.1 based on Tom Nitzschner's phpbb2.0.6 upgraded to phpBB 2.0.4 standalone was developed and tested by:
ArtificialIntel, ChatServ, mikem,
sixonetonoffun and Paul Laudanski (aka Zhen-Xjell).

Version 2.1 by Nuke Cops 2003 http://www.nukecops.com

Forums ©

 

TMs property of their respective owner. Comments property of posters. 2007 Computer Forensics Science World.
Digital forensic computing news syndication: Computer Forensics Training News or UM Text
Software is copyrighted phpnuke.org (c)2003, and is free under licence agreement. All Rights Are Reserved.