Need to respond to two student discussions with at least 100 words minimum for each response. Below in bold are the questions the students are responding to.
- Discuss what type of evidence can be collected from a mobile device and the processes used to collect that evidence.
- There are many brands of mobile devices. Is there any difference in the way that evidence is collected from them? If so, please discuss these differences.
- Describe and discuss an end-to-end network forensic analysis.
- Mobile devices of any kind have some type of operating system that is running the device in any manner. Data or evidence come in the form of call logs, emails, photos, GPS information, and network information (Easttom, 2014). Evidence can be collected by certain products available on the market such as Data Doctor which can recover all Inbox and Outbox data and contact data. Sim Card Data Retrieval Utility is a product that can recover Inbox and sent data messages. Forensic SIM Cloner is a tool used to clone SIM cards which would allow an investigator to work off of a copy versus the original data or evidence (Easttom, 2014).
- Evidence collected from a mobile can be in close contrast of how it is collected from a PC. An Android mobile device will be close if not identical to the PC. Apple will also be the same. BlackBerry has a method where the mobile device data can be downloaded to a workstation in order to analyze the data that is on the phone (Easttom, 2014).
- The end-to-end network forensics analysis can be defined as the capturing, recording, and analysis of network events in order to discover security attacks, according to TechTarget.com. In a manner to break it down for me to understand, I look at toll-by-plate on the highway. The car enters through a certain part of the expressway that has to be paid. The way that the use of the toll is captured is by the cameras located on the signs (capture). After the picture is taken of the vehicle’s plate, it is recorded into the camera’s system database on a server of some type (recorded). Once the tag is found to have a prepaid pass or toll fob to pay for the transaction, it charges the account associated with the tag; if not, then the toll is sent in the form of an invoice to be paid at a later date (analysis). That process completes the end-to-end forensics analysis.
Easttom, C. System Forensics, Investigation, and Response PDF VitalBook. [VitalSource]. Retrieved from https://online.vitalsource.com/#/books/97812840383…
What is network forensics? – Definition from WhatIs.com. (n.d.). Retrieved from https://searchsecurity.techtarget.com/definition/network-forensics
Similar to investigations involving a computer, digital forensics experts can also collect evidence off of a mobile device. From a cell phone an investigator could gather call history, emails/texts/social media, photos, GPS information and network information (Easttom, 2014). To begin collecting evidence from the phone, it is important to ensure that there is no new data added to the phone; this could be done by simply not following the proper methods when connecting the device to a forensics computer. For example, with iPhones there are times when once the device is connected to a computer source it will begin to self-update; this could cause a loss of potential evidence. Once it is safely connected to a computer, tools such as EnCase and Forensic Toolkit can be used in order to gather evidence. Additionally, Data Doctor would also be useful when the recovery of all inbox and outbox data is needed (Easttom, 2014).
Having knowledge of the different devices can exponentially help an investigation. Each device has a different process involved in gathering evidence. For instance, on an iPhone an investigator can simply open the iTunes account of the given phone and identify iOS version, phone number and serial number. Additionally, the iOS has specific tools (Pwnage, Recover my iPod and wolf) that can aid in the investigation (Easttom, 2014). As for the BlackBerry, a program cannot be opened directly from the phone in order to quickly identify pertinent information. A BlackBerry must be backed up using Desktop Manager to begin the investigation.
An end-to-end network analysis is exactly what it sounds like. This analysis will review all vulnerabilities and results of an attack. All devices and networks are reviewed, including security software, routers, firewall and anything else imaginable having to do with a system's network.
Easttom, Chuck (2014). System Forensics, Investigation and Response. Jones and Bartlett (2nd ed) ISBN: 978-1-284-03105-8 ebook – EBook links provided inside the classroom.