Cybercrime and digital investigation | Information Systems homework help


Assignment Details

Don't use plagiarized sources. Get Your Custom Essay on
Cybercrime and digital investigation | Information Systems homework help
Just from $13/Page
Order Essay

With the identification and preservation of the physical and digital evidence completed the incident response team must now enter the data collection phase. During the data collection phase, the investigative team must collect volatile evidence first, and non-volatile second. Describe the volatile and non-volatile evidence types to be collected and the methods to both collect and analyze the two types of evidence.

  • Describe the volatile live acquisition process to collect evidence related to system memory and registry changes and analysis methods conducted over this evidence. 
  • Describe the non-volatile acquisition process of evidence collection over powered down systems and devices, and the related analysis methods used over non-volatile evidence.  
  • Describe the exact investigative techniques that you would use to analyze the users’ information, habits, and history for each program. Explain the reasons for your selected techniques.

Remember to address forensic evidence you might find relating to the ransomware attack. You should be making references to specific directories, files, file types, registry entries and log files which point to sources of the incident forensic evidence.

The 16-18 slide PowerPoint presentation should include the following:

  • Title Slide (1)
  • Topics of Discussion Slide (1)
  • Windows 10 Operating System (3 slides)
  • Registry and Memory (2 slides)
  • Internet Explorer (3 slides)
  • Outlook e-mail (2 slides)
  • Photoshop (2 slides)
  • Office (3 slides)
  • References Slide (1)


Calculate the price of your paper

Total price:$26
Our features

We've got everything to become your favourite writing service

Need a better grade?
We've got you covered.

Order your paper