Final Case Project
Your final case project will have you completing the forensic investigation on Chris Murphy who allegedly committed industrial espionage. This final project and your final forensic report will take approximately 4-5 hours, so please use good time management to complete this final case project.
Ileen Johnson has sent you another image file collected from employee Chris Murphy’s computer, which uses a different file system from Denise Robinson’s computer. For this project, you will use the GCFI-NTFS image files that were in Chapter 9 Project folder. You will want to move these files from your Chapter 9 work folder to a new folder, for example C:WorkChap14Projects before beginning these projects.
You will also be introduced to a different forensic software program called Forensic Tool-Kit or FTK. This was covered in previous chapters, but we did not do any case projects with this particular software. You will need to navigate on your Student DVD, Software folder, and load the FTK software on your computer to complete this final case project.
You will then complete Hands-On Project 14-2 on pages 537-539 of your book. Your book will walk you through specific step by step instructions on processing the image file taken from Murphy’s computer. In this forensic analysis, you are concentrating on e-mails.
This case project continues in Chapter 15 of your book. Before beginning your next case activity, create a folder called C:WorkChap15Project for your work folder and move all GCFI-NTFS image file segments, including the GCFI-NTFS.pds file used previously.
Ileen Johnson, who is the general counsel for Superior Bicycles, has asked you to collect all known email addresses from employee Chris Murphy’s computer. Ms. Johnson also needs the message contents and all email addresses that are not from Superior Bicycles. You have been advised that you will need to testify on all of your forensic activities conducted in this investigation.
To complete this part of the case project, you will use ProDiscover Basic to extract email folders and FTK Demo to extract and analyze email metadata and messages.
You will then complete the Chapter 15 project described in detail on pages 557-561 of your book. This will be the final forensic activity you conduct in this investigation.
After you complete these final forensic analysis projects, you need to compose one complete forensic case report that incorporates all forensic activity conducted during the last eight weeks on this industrial espionage investigation. You can utilize forensic software reports in your final report as attachments. You need to outline all forensic activities, results, conclusions, etc. Compose this report in preparation for courtroom testimony utilizing what you learned in Chapters 14 & 15.