top of page

DIGITAL FORENSICS 

​

DESCRIPTION

 In Spring 2022 my Digital Forensics class (CYSE 407) was tasked with creating a digital forensic lab plan for a local entity. I choose the Virginia Beach police department,'s, second patrol division. This task represented the cumulation of the processes and responsibilities for working in a digital forensics lab. Furthermore, we were able to experience the role of a Lab Manager as well as a Forensic Analyst.

​

Image by Jefferson Santos
CYSE 407: Services

SKILLS AND VALUES OBTAINED

This course along with its accompanying assignments allowed me to understand and actually experience some of the roles of criminal investigators in digital forensics. Over the course of the semester, we were able to actually perform investigative procedures: 

  1. First Response: As soon as a security incident occurs and is reported, a digital forensic team begins its investigation. 

  2. Search and Seizure: The team searches devices involved in the crime for evidence and data. Investigators seize the devices to make sure the perpetrators can not continue to act. 

  3. Evidence Collection: After seizing the devices, professionals collect the data using forensic methods to handle the evidence. 

  4. Securing of the Evidence: Investigators store evidence in a safe environment. In a secure space, the data can be authenticated and proved to be accurate and accessible. 

  5. Data Acquisition: The forensic team retrieves Electronically Stored Information (ESI) from the devices. Professionals must use proper procedures and care to avoid altering the data and sacrificing the integrity of evidence. 

  6. Data Analysis: Team members sort and examine the authenticated Electronically Stored Information (ESI) and convert data that is useful in a court of law. 

  7. Evidence Assessment: Once ESI is identified as evidence, investigators assess it in relation to the security incident. This procedure is about relating the data gathered directly to the case. 

  8. Documentation and Reporting: This procedure happens once the initial criminal investigation is done. Team members report and document data and evidence in accordance with the court of law. 

  9. Expert Witness Testimony: An expert witness is a professional who works in a field related to the case. The expert witness affirms that the data is useful as evidence and presents it in court. 

These procedures guided us to complete full investigations on case-specific investigations and without them, we mitigate the opportunity to learn the entire process of investigations.  I was able to effectively complete each given investigation as well as learn the roles of Forensic Analyst and Lab Manager. Learning these two roles allowed me to comprehend the necessities of running a digital forensic lab.

CYSE 407: Text

EVIDENCE

This PDF is the Lab Plan that I submitted at the end of the course. This plan is intended to map out the next three years for the digital forensic lab installed at the Virginia Beach Police Department's second patrol division. Within this report, I will create a diagram for the lab's physical layout which will include evidence storage for up to twenty cases, at least two analysis computers, and physical security measures. In addition, I will include an inventory of all the equipment necessary, such as software and hardware. I will also include a lab accreditation plan, lab maintenance plan, and staffing requirements as well as their job descriptions.

CYSE 407: HTML Embed
bottom of page