Digital forensic investigators are often challenged to access encrypted data or to process data and systems that have been subjected to antiforensic techniques. In both cases, a user or system designer has taken steps to make the data more difficult to access and the investigator must apply all known and reasonable techniques to access the data. The goal of this project is to familiarize you with encryption basics, various encryption implementations, antiforensic techniques, and attacks on encryption systems and passwords.
This project consists of six steps. Completion will lead to the development and distribution of a job aid and sample investigative report. The job aid (Steps 1 and 5) will explain basic cryptography, password cracking, and interception attacks. The investigative report (Steps 2, 3, and 4) will document the processing of files, partitions, and software, and the data derived from these analyses.
As seen in the scenario, cryptography is a complex topic, and you need to find a simple way to ensure the temporary employees can perform the work your agency requires. Ready to get started?
When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
- 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
- 1.2: Develop coherent paragraphs or points so that each is internally unified and so that each functions as part of the whole document or presentation.
- 1.3: Provide sufficient, correctly cited support that substantiates the writer’s ideas.
- 1.4: Tailor communications to the audience.
- 1.5: Use sentence structure appropriate to the task, message and audience.
- 1.6: Follow conventions of Standard Written English.
- 1.7: Create neat and professional looking documents appropriate for the project or presentation.
- 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
- 2.2: Locate and access sufficient information to investigate the issue or problem.
- 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
- 2.4: Consider and analyze information in context to the issue or problem.
- 2.5: Develop well-reasoned ideas, conclusions or decisions, checking them against relevant criteria and benchmarks.
- 3.2: Employ mathematical or statistical operations and data analysis techniques to arrive at a correct or optimal solution.
- 4.1: Lead and/or participate in a diverse group to accomplish projects and assignments.
- 5.4: Demonstrate an understanding of the different parts of a computer
- 5.5: Apply risk management principles to an investigation.
- 6.1: Perform report creation, affidavit creation, and preparation to testify
- 6.2: Demonstrate ability to investigate mobile technology
- 6.4: Demonstrate the ability to gather file system evidence.
- 6.6: Perform malware analysis
- 6.7: Access encrypted data or process data and systems that have been subjected to anti-forensics techniques
- 9.2: Evaluate Enterprise Architecture