Solved by verified expert:Need at least a 100 word response to the students discussion that will be posted below. Also below in bold are the questions that we’re asked.Questions:You are a computer forensics investigator for a law firm. The firm acquired a new client, a young woman who was fired from her job for inappropriate files discovered on her computer. She swears she never accessed the files.1. What questions should you ask and how should you proceed?2. What is chain of custody and why must it be followed in investigations?Student one-In order to help her prove her innocence you’d need to think about the circumstances. If she’s telling the truth, which being hired by her law firm, you must presume the goal is to believe her side and prove her innocence. So, if she didn’t actually access the files the forensic investigators goal is to prove that there is reasonable doubt that she didn’t do it. If she didn’t do it then how did the files get there? I’d ask her if she had a habit of leaving her computer unlocked and left unattended. I’d also want to know if she had ever shared her login information with anyone. These two things could easily allow another person access. I’d want to know what kind of protection the company had on their computers, like antivirus and what not. Knowing if anyone she worked with might have a reason to frame her would also be pertinent information. Without more information on the situation I don’t really know how to proceed. Im guessing the computer belongs to the company she was fired from so the woman lawyers wouldn’t have access to them nor would the forensics investigator.Chain of custody is the documentation of every step and movement made with evidence. If the evidence is physical every time it changes hands it has to be written down. With digital forensics evidence every move you make on the machine or device needs to be accounted for. Being able to retrace every movement made will help prevent the evidence from being rendered inadmissible in court proceedings. (Eastom, C.)Easttom, C. System Forensics, Investigation, and Response PDF VitalBook. [VitalSource]. Retrieved from https://online.vitalsource.com/#/books/97812840383…-RebeccaStudent two:As an investigator, I would ask the following questions:1. Do you have your password written in a location that other personnel know of?2. Do you leave your machine unlocked when away?3. Does your company allow you to remote in to your network or give remote access to your computer?4. Do you have any administrative permissions to your machine or network? If so, have you disabled any anti-virus protection or firewall?5. What activities have you conducted on your machine? (website access, social media access, streaming sites)6. Has anyone prompted you or inquired as to your account information, stating they were from IT or the networking department to conduct updates or other various activities?7. Do you know the individual who worked at the client prior to you and when they left?After asking the client that was fired those questions, I would then ask to see the standard processes that the company takes for all users. How many have privileged access, what type of training is given to the users to determine if the users understand their responsibilities on the network, how often the company conducts updates to it’s network, if they have a type of IDS/IPS (if they do, how do they manage it), what kind of peripheral devices are on the network and the topology of the network (to include any VPN connections or remote access allowed). I would also ask the company who worked at the machine prior and if there are any requirements to validate computers efore other users access them. Once I have an idea as to how the company conducts their daily buisiness, I can then work the affected machine, utilizing various tools to copy the HDD and verify the files accessed and by whom they could have been accessed or created by.2. Chain of Custody is the process of maintaining the exact location of evidence at all times. This is to include where is is located, in whoms possession and what type of modifications or work that has been done to it. With computers or electonic media, you don’t want to change the specific data on the machin, which is why you make a bit by bit copy of the data in order to analyze it. Failure to account for Chain of Custody would null your investigative points for that peice of evidence and would not be allowed in the court.-James
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more