Is this case best pursued as a corporate or criminal


THE CASE:

Donald Price is an employee from Joachim's Art Gallery based in Melbourne, Australia. Mr. Price had been suspended from the gallery when an audit discovered that one of the pieces he was responsible for had disappeared. (This was a small watercolor of two boats.) Unfortunately, Mr. Price wiped the hard disk of his office PC before investigators could be deployed. However, a CD-ROM was found in the PC's CD-ROM drive. Although Mr. Price subsequently denied that the CD-ROM belonged to him, it was seized and entered into evidence.

A forensic image in raw format of the CD-ROM can be found here: https://www.deakin.edu.au/~zoidberg/2013OZ.ISO
And its MD5 hash value can be found here: https://www.deakin.edu.au/~zoidberg/2013OZ.ISO.md5

You, an ITS officer employed by Joachim's Art Gallery, are assigned to examine the image for any information relating to the case. You should keep in mind malicious codes and other means which may potentially alter the evidence. YOU MUST CITE ALL REFERENCES INCLUDING TECHNICAL MANUALS AND LAW PARAGRAPHS.

Your analysis should be conducted on a virtual machine (VMware) and include the following information:

1. PROCEEDURE

Use an evidence form to document the evidence given to you.

Describe the environment of your forensic workstation and the access to the machine. Describe the procedure that you used to download the image file to your work directory.

Give at least two SHA-based hash function values of the ISO image.

Explain why multiple hash values are necessary to verify the validity of the image file.

Explain the procedure that you used before you could access the image file inside the virtual machine.

2. BINARY DETAILS

Use a table to document the detailed information of the files found in the root directory of the ISO image-file names, file actual sizes and their MD5 hash values.

Provide a description of any programs you would like to use based on the files identified on the ISO image.

3. FORENSIC DETAILS

Describe the key words you used to search the ISO image and explain why you chose them. Detail your search result and give your conclusions. (Document your procedure including commands and screenshots.)

4. LEGAL IMPLICATIONS

List one violation conducted by Mr. Price against Cybercrime Act 2001, and one violation conducted by Mr. Price against the Crimes Act 1958. Back up your answers with definitions.

Is this case best pursued as a corporate or criminal investigation? Why?

Solution Preview :

Prepared by a verified Expert
Other Subject: Is this case best pursued as a corporate or criminal
Reference No:- TGS01204472

Now Priced at $50 (50% Discount)

Recommended (90%)

Rated (4.3/5)

A

Anonymous user

3/8/2016 7:16:01 AM

By studying the case scenario illustrated in the assignment, write a paper which address the answer of the following questions in APA style. Q1. Illustrate the environment of your forensic workstation and the access to the machine. Explain the method that you employed to download the image file to your work directory. Q2. Provide at least 2 SHA-based hash function values of the ISO image. Q3. Describe why multiple hash values are essential to confirm the validity of the image file. Q4. Describe the method that you utilized before you could access the image file within the virtual machine. Q5. Give an explanation of any programs you would like to utilize based on the files recognized on the ISO image. Q6. Illustrate the key words you employed to search the ISO image and describe why you select them. Detail your search result and provide your conclusions.