Unit 1 individual project legal and technical report writing and presentation

Assignment Details

Assignment Description

Overview

Throughout this course, you will be developing several components of the required document deliverables related to a computer forensics or incident response report needed to initiate and execute a legal case. After identifying either computer forensics or incident response as your report template, you will need to choose 1 scenario from a choice of 3 below (identified below and in your uploaded report template) and execute this scenario over the span of the entire course from either the computer forensics or incident response area, with instructions on what section to complete each week. This is an evolving project, so always include the previous weeks’ work in the template and add to the template each week, making changes to the overall template based on instructor feedback each week.

Computer Forensics Scenario



Choose 1 scenario from the following 3 areas, and execute your assignment template starting at Unit 1:

  • Scenario 1 – Stolen/Leaked Information: An employee or external entity has either improperly downloaded information or stolen sensitive information (e.g., financial, contracts, client lists, product info) via a flash/thumb drive. Investigation is required to determine what data and files were stolen, who stole the information, and when.
  • Scenario 2 – Network Infection: An internal or external entity has penetrated the network, impacting corporate or federal resources and impacting network performance. Investigate the scope of the compromise and identify what resources and files are infected and who is responsible.
  • Scenario 3 – Homicide: A homicide has been committed with both mobile and computer devices on the scene. Investigate ALL computers and devices to retrieve the data, analyze them, and report on findings related to the case.

For each of these scenarios, please note the following:

  • Number of systems being investigated must be at least 1 and up to 10
  • Systems and network must be running either Windows or Linux

Incident Response Scenario

Choose 1 of the following 3 scenarios, and execute your assignment template starting at Unit 1:

  • Scenario 1: Account compromise (e.g., network penetration or internal threat)
  • Scenario 2: Malicious code (e.g., virus, worm, Trojan)
  • Scenario 3: Reconnaissance (e.g., scanning, probing)

For each of these scenarios, please note the following:

  • Number of systems being investigated must be at least 1 and up to 10
  • Systems and network must be running either Windows or Linux

Project Selection

The first step will be to select the scenario from those identified at the start of your template and then execute the required sections for Unit 1. This project will be used as the basis for each of the assignments throughout the course and should conform to the following guidelines:

  • Nontrivial: The selected report and format must be identified from the report format illustrated in either the computer forensics or incident response areas.
  • Domain knowledge: You will be applying knowledge of this selected scenario and related reading materials to determine the contents of the final report deliverable

The second step will be to start outlining the assignment requirements using the description and creating an action plan to accomplish any research, analysis, evaluation, or other work necessary to develop the required deliverable. This resource provides additional research concerning how to establish technical document outlines. Observe the provided report template for the Unit 1 assignment depending on your choice of either computer forensics or incident response.

Assignment

After selection of the scenario, you will add content to each section of your document to gradually complete the final project deliverable in Unit 5.

The project deliverables are as follows:

Computer Forensics:

 

  • Complete the following sections as identified in your Computer Forensics Template (in MS Word format):
    • Complete Contact Information for this Case [Title Page]
      • Course number and name
      • Project name /Case # (use C001)
      • Student name
      • Date
    • Complete Table of Contents (autogenerated)
      • Separate page
      • Maximum of 2 levels deep
      • Fields updated so that the TOC it is up-to-date before submitting your project
      • TOC should represent all 4 sections from Executive Summary to the Glossary and Appendix A
    • Complete Section 2.1 Evidence Assessment
    • Complete Section 2.3 Evidence Acquisition
    • Place “TBD” (To Be Determined) next to each section title that is not being populated yet.
    • Include all sections of the report every week, either completed as directed or with TBDs if not tasked yet based on the assignment requirements.
  • Name the document “yourname_ITDI373_IP1.doc.”
  • Submit the document for grading.
Incident Response:

 

  • Complete the following sections as identified from your Incident Response Template (in MS Word format):
    • Complete Contact Information for this Incident [Title Page]
      • Course number and name
      • Project name /Case # (use C001)
      • Student name
      • Date
    • Complete Table of Contents (autogenerated)
      • Separate page
      • Maximum of 2 levels deep
      • Fields updated so that the TOC it is up-to-date before submitting your project
      • TOC should represent all 4 sections from Executive Summary to the Glossary and Appendix A
    • Complete Section 1 Type of Incident
      • Description must be 150–200 words
    • Complete Section 2 Scope of Incident
      • Description must be 100–150 words
    • Place “TBD” (To Be Determined) next to each section title that is not being populated yet.
    • Include all sections of the report every week, either completed as directed or with TBDs if not tasked yet based on the assignment requirements.
  • Name the document “yourname_ITDI373_IP1.doc.”
  • Submit the document for grading.