mail forensic • mobile devices forensic • network forensic • web server forensic • biometrics forensic • human resources management systems forensic • e B u s i n e s s F i n a n c e

mail forensic • mobile devices forensic • network forensic • web server forensic • biometrics forensic • human resources management systems forensic • e B u s i n e s s F i n a n c e


To provide students in-depth knowledge on practicing incidents response, analyzing selected cases, utilizing the tools that will assist in finding the accurate digital evidence for the purpose of assure its readiness for the legal procedures. Moreover, stimulating their thoughts about optimizing current incident response policy and its practical procedures.

Learning Outcomes:

 Apply principles of digital forensic science to confirm digital evidences,

 Demonstrate knowledge of basic tools and techniques used in digital forensics sciences,

 Conduct fundamental digital forensic investigations and able to articulate the steps of the forensic process as applied to digital evidence,

 Analyze digital forensic evidence with open-source tools,

 Figuring opportunities for improving the incidents response and it related digital forensic procedures,


Based on the knowledge gained from the digital forensic module, students are advices to choose any real-world information system. The assumption here is that one of this system is targeted by a cyber-attack and you are as a digital forensic professional asked to develop a detailed forensic report about the case. The report is a detailed incident response and reflecting institutional digital forensic procedure to prepare for a legal procedure. The selected case study could be any of the listed systems below:

• Databases Forensic

• Internet and E-Mail Forensic

• Mobile Devices Forensic

• Network Forensic

• Web Server Forensic

• Biometrics Forensic

• Human Resources Management Systems Forensic

• E- Commerce System Server

• Hospital Management System Forensic

• Supply chain management System

Then, the case study report should consist of a clear description about chosen system and might not limited to the following:

• What are the major functions performed by this system?

• Who is using this systems and user types and their access privileges?

• What is the volume of data used within this system?

• What is the storage type and where it is located (cloud/local)?

• What is the network connectivity this system utilizes?

• Medium of communication between systems?

• How the incident happened and what is the founded evidence?

Recommendations regarding suitable technical steps to be considered (Before – During – After) allocating digital evidence and what kind of mechanisms that should be adopted to assure best practice within digital forensic procedure with proper justifications.

Detailed analysis about the attack by identifying the problems and their impacts in Organization function and its reputation.

Design the network connectivity or communication channels of selected system and shed the lights a suitable mechanism to consider in term of tracing the attackers using suitable tools or simulator.

Detailed Analysis about the performance of the selected case study before, during and after the attack occurred and assume suitable tools can be utilized in tracing digital evidence.

Recommendations on suitable countermeasures to optimize, prevent or overcome the challenges with the analyzed cyber-attack and allocating the digital evidence.

General Instructions:

1. This is an individual assignment. Each student should select any of the real-world system and do elaborated research on the topics mentioned above and write a detailed report based on research done.

2. The report should be concise providing the discussion on the above-mentioned topics with the word limit of 3500 words and should be submitted on or before the date of 18th January 2021 for the course work. A soft copy of the report should be submitted to the ‘Safe Assign software for originality checking on or before final submission.

3. There will be a viva-voce after the report submission and to be arrange with module leader.

4. The final report should cover the following sections in the given order:

 Cover sheet

 Abstract

 Table of Contents

 Introduction

 Chapters that covers the detailed analysis of the above given assumed incident response

 Conclusion

 References

Note: Each section/chapter should begin on a separate sheet. Instructions for presentation in MS Word

*** Words count = 3500 words.

*** In-Text Citations and References using Harvard style.

Place this order or similar order and get an amazing discount. USE Discount code “GET20” for 20% discount