The Investigation of Computer-Related Crime
Suggest at least two (2) general principles for proper evidence preservation for stand-alone personal computers, networked home personal computers, and network server business networks. Provide a rationale for your response.
Two (2) general principles for proper evidence preservation are to ensure the security and safety during transient by storing the electric devices in a container or medium. Secondly, label, pack, list everything that comes with the system and seal all components that open and keep all in relative condition.
The goal and incentive is to keep data or all information fresh for analyzation that has been logged in system. Further since digital evidence is fragile consider the handling of admissible data as quicksilver. As supportive to the preservation of evidence this acts as a level and asset to prove crime committed because steps have been taken to not destroy or lose valuable evidence and ensure that prosecutorial steps can be taken.
Discuss the major procedures that investigators must use in order to collect network trace evidence of computer-related crimes.
The major procedures that investigators must use in order to collect network trace evidence of computer related crimes are as follows in steps:
1. Establish the criminal intent
2. Analyzation of logs
3. Locate evidence
4. Track source
5. Identify each computer system as individual
6. Breakdown network architecture
7. Intranet entry observatory
8. Internet permissive intrusion
9. Correlate and correspond criminal evidence from segmented trace
These are proposed steps to ensure that the evidence acquired will be admissible in court as evidence. Because the steps have been taken it should be highly unlikely that any evidence acquired will be dismissed. Minimizing the hearsay rule is the objective and increasing the simplicity of understanding is the primary.
Next, speculate on the primary concern of investigators as they execute the evidence-collection procedures in question, and explain the main reasons why you believe such a concern is valid. Justify your response.
The primary concern of investigators as they execute the evidence collection procedures in question is to obtain and keep a high level of accuracy and truthfulness. Because the time factor is evidenced and that the seizing of critical information technology department assets can cause a financial upheaval it is prudent to have a plan to not cause a financial cost and destruction of business operations. Further a well prepared analyzation and clear depiction that a crime has been committed can summarily cause a plea bargain.
Reply to co-student #1
Just imagine a switch is hit and it turns off or turns on a computer and there is a trap or a booby that triggers erasure of all contents. Who wants to claim they did this if they have staked out this person or business for a long time?
I agree with your points and by all means detail recognition is the correct procedure to follow to keep, maintain and keep evidence secure and fresh for use in court.
Thank you.
Felicia
Reply to co-student #2
I agree that alteration of any detail or contents of a computer is a give-away and lost. Further that keeping a computer off meets it is seized as is and state of original. Also, the primary purpose is to secure as evidence and steps should be used as you state correctly to accomplish this and keep it simple and understandable for the jury to scrutinize.
Thank you.
Felicia
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment