Assignment: Computer Security And Forensic Tools

2953 Words12 Pages
Computer Security and Forensic Tools (SEC 6744) Cover Sheet Assignment 1 HAND OUT DATE: HAND IN DATE: 9/26/2014 WEIGHTAGE: INTAKE: March 2013 Instructions to students: • The assignment should be attempted individually. • Complete this cover sheet and attach it to your assignment – this should be your first page! Student declaration: I declare that:  I understand what is meant by plagiarism  The implication of plagiarism have been explained to us by our lecturer  This project is all my work and I have acknowledged any use of the published or unpublished works of other people. Names of Candidate Name Student ID Max Lester Tumbu 0309526 Moiz Siddiqui 0309020 Table Of Contents • Overview…show more content…
All evidence was collected legally and with the consent of the involved party. This case was handled as a private matter and was only to be made public if the client wanted to. All evidence and steps follow the laws and regulations of the country, state, province and general practice. To ensure that if this case is taken to a court of law, this report will have one copy and one original. The copy will be for the client, whereas the original will be kept in the evidence storage room at our facility for record and safe keeping purposes. Case Overview Case Description Emma Crook, the secretary of Mr. Jim Boss, the owner of the ‘Really Big Company’, has been suspected of sharing company sensitive material to other companies and competitors. On 15th November, 2013, Mr. Jim Boss approached and confronted Emma Crook at 12.00pm, he wanted her to give him an explanation about his suspicions. After returning from lunch Mr. Boss returned to the office only to find that Emma Crooks office was completely empty and clean, she was gone. Mr. Boss probably confirming his suspicions tried searching Ms. Crook’s desktop computer but it failed to start (or boot up). Mr. Boss not sure what was going on contacted a computer forensic expert to help him find out the…show more content…
These are various files that store information about the user on a particular system. The different type of log files listed below were investigated to find evidence that could help in possibly solving the case. The log files are: • acct – contains every command typed by every user on the computer. • loginlog – records failed logins • syslog – main system log file that contains a wide range of messages from many applications • sulog- records every attempt to log in as the administrator of the computer (root). • Utmp – contains a record of all users currently logged into a computer. The “who” command accesses this file. • Wtmp – contains a record of all of the past and current logins and records system startups and shutdowns. The “last” command accesses this file. • Xferlog – contains a record of all files that were transferred from a computer using the file transfer protocol. Emails The emails of MS. Crook were check thoroughly for any information about the leaked information. All email headers were also checked to make sure that no dummy email accounts were being used. The contact list of her emails were viewd to check wether or not she had any competitor names on it. Deleted emails can also be

More about Assignment: Computer Security And Forensic Tools

Open Document