{"id":342,"date":"2025-04-23T00:01:10","date_gmt":"2025-04-23T00:01:10","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/aurorafrancis\/?p=342"},"modified":"2025-04-23T00:08:21","modified_gmt":"2025-04-23T00:08:21","slug":"midterm-paper","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/aurorafrancis\/2025\/04\/23\/midterm-paper\/","title":{"rendered":"Midterm Paper"},"content":{"rendered":"\n<p><strong>Summary<\/strong><\/p>\n\n\n\n<p><br>This digital forensics company would function out of the city of Virginia Beach and will<br>only handle cases in the local Hampton area including Norfolk, Chesapeake, Portsmouth,<br>Newport News, Hampton, and, of course, Virginia Beach. Because it is only focused on this<br>specific area, it is a smaller office located in the back area in the main Virginia Beach police<br>department. So it is easier to get the product and devices back to the analyzers.<\/p>\n\n\n\n<p><br><strong>Accreditation Plan<\/strong><\/p>\n\n\n\n<p><br>When trying to obtain accreditation for a digital forensic lab, you need to know the<br>companies that do the accreditation. This includes ANSI (American National Standards Institute)<br>and ASQ (American Society for Quality), which do accreditations around the world. The joint<br>company is called (ANAB) or ANSI-ASQ National Accreditation Board. In order to get<br>accredited the lab needs to have its tasks and procedures for its cases lined out and properly<br>practiced for every case. This is because that is one thing the companies look for.<br>Accreditation teams will also be looking for the following:<br>\u25cf Ability to properly perform work and training and activities including:<br>\u25cb Forensic sciences<br>\u25cb Criminal &amp; civil laws<br>\u25cb Skills and knowledge in specific tasks and department<br>\u25cf Code of Ethics and an annual review of it<br>\u25cf A director or leader with clearly defined rules and responsibilities (Effective<br>management)<\/p>\n\n\n\n<p>\u25cf Proper equipment (hardware and software)<br>\u25cf Other specified requirements<br>So, in order to obtain and maintain accreditation I will ensure those standards are upheld (ANAB<br>&amp; AR 3125).<\/p>\n\n\n\n<p><br><strong>Forensic Laboratory Floor Plan<\/strong><\/p>\n\n\n\n<p><img loading=\"lazy\" decoding=\"async\" width=\"624\" height=\"375\" src=\"https:\/\/lh7-rt.googleusercontent.com\/docsz\/AD_4nXf83ptLf98A8QVGLSU0ZGHMvp6wB7x7TYci0qikHIp6VAfaoCIG60ikLEadRVCN4zXPjRRaYuL5mI-jCRAv4V_XpdFMTq7glPwjy7z8RM40DsrzMjEeBYpvWd_Hbn1UJe8kLKnBowKSm3TMtQdpP6DqHpA?key=TfaM33vFu3EJd_QWolaZ7g\"><br>Within this lab layout there are at least two computers for forensic analysis and two<br>office computer areas for the offices of the same forensic analysts or other staff members. The<br>forensic analysis rooms, lab, and storage rooms require special key cards which would be<br>included in your employee badge depending on your role. There is also a separate office for the lab director or manager. As far as physical security is concerned, locked rooms are one type of<br>security. When it comes to the devices, including backups, privacy screens, labeled equipment, and protecting both the evidence and any data is an expectation within the company. This also<br>includes logs of who enters and exits rooms and floor to ceiling walls and doors to ensure<br>security (Nelson 2018).<\/p>\n\n\n\n<p><strong>Inventory (Awesome Forensics\/Github)<\/strong><\/p>\n\n\n\n<p>Hardware<\/p>\n\n\n\n<p>\u25cf Write blockers \u25cf Disk imager \u25cf TD4 Duplicator \u25cf Books on digital forensics \u25cf Book shelves<br>\u25cf Forensics Computers (2 or more) \u25cf Desktop computers (2 or more) \u25cf Desks and chairs (At least 5)<br>\u25cf Power cords \u25cf Standing lamps \u25cf Door locks \u25cf Printer and accessories \u25cf Paper \u25cf Pens and pencils<\/p>\n\n\n\n<p>Software<\/p>\n\n\n\n<p>\u25cf Autopsy \u25cf The Sleuth Kit \u25cf FTK Imager \u25cf EnCase \u25cf Linux \u25cf Forensic Artifacts<br>\u25cf Bulk_extractor: Extracts info like emails and card info from disk images<br>\u25cf WireShark: Protocol analyzer \u25cf Docker Explorer \u25cf Hindsight: Forensics for Chrome<br>\u25cf Timeline Explorer: Timeline analysis \u25cf RAM Acquisition<\/p>\n\n\n\n<p><strong>Maintenance<\/strong><br>Lab Management Guidelines<\/p>\n\n\n\n<p><br>In order to maintain the standards and policies of the lab, random audits will be<br>conducted to ensure that everything is running smoothly. This includes:<br>\u25cf Ensuring the right people have access to specific areas<br>\u25cf Reviewing visitation logs<br>\u25cf Ensuring no areas are damaged or need repairs<br>\u25cf Every device is up to date<br>\u25cf Evidence is properly stored away<\/p>\n\n\n\n<p><br><strong>Preventative Maintenance<\/strong><\/p>\n\n\n\n<p><br>The goal for maintaining the lab is to keep the safety of all individuals in mind. This<br>includes keeping the lab environment clean and well kept in every aspect. Any issues causing<br>damage to the structure or lab will be reported to maintenance and repaired as soon as possible to<br>prevent any injury. Because this lab is focused on computers and electrical devices, there will be plenty of protection around the entire lab to help prevent any issues. For disposing of any electrical equipment, we will partner with an electronic company and donate any available parts to them once they are no longer needed.<\/p>\n\n\n\n<p><br><strong>Budgets<\/strong><\/p>\n\n\n\n<p><br>The budget of this department will be handled by the government and police department that this forensics company works under. (Case prices can be between $5,000 &#8211; $15,000 on average, but can cost up to $100,000) Any cases with a cost estimated over $20,000 will be automatically sent to the state or district office (Nelson 2018).<\/p>\n\n\n\n<p><strong>Roles\/ Responsibilities (Nelson 2018)<\/strong><\/p>\n\n\n\n<p><br>\u2756 Lab Director\/Manager<br>\u27a2 Details how to manage cases (logging evidence how to file reports, and who is<br>working on cases)<br>\u27a2 Reviews casework and files<br>\u27a2 Creates and enforces company ethical standards and company policies<br>\u27a2 Schedules updates for labs (hardware and software)<br>\u27a2 Manages money spent on casework<\/p>\n\n\n\n<p><br>\u2756 Forensic Analyst &amp; Staff Members<br>\u27a2 Receiving products and devices that need to be restored, analyzed, and stored.<br>\u27a2 Running tests on the devices (like imaging)<br>\u27a2 Technical training (Especially when new methods come out)<br>\u27a2 Lab procedures<\/p>\n\n\n\n<p><br>\u2756 Forensic Investigator<br>\u27a2 Acquiring items that contain data (i.e. USB or hard disk)<br>\u27a2 Preserving evidence and making copies of it<br>\u27a2 Filing a detailed report on evidence (what it is, where it was found, etc)<\/p>\n\n\n\n<p><strong>Sources<\/strong><\/p>\n\n\n\n<p><br>AR 3125 ISO\/IEC 17025:2017, anab.qualtraxcloud.com\/ShowDocument.aspx?ID=12371<br>Cugu. \u201cCugu\/Awesome-Forensics: A Curated List of Awesome Forensic Analysis Tools and Resources.\u201d<br>GitHub, github.com\/cugu\/awesome-forensics<br>\u201cHttps:\/\/Anab.Qualtraxcloud.Com\/ShowDocument.Aspx?I\u2026\u201d ANAB ANSI National Accreditation<br>Board, anab.qualtraxcloud.com\/ShowDocument.aspx?ID=7183<br>Nelson, Bill, et al. Guide to Computer Forensics and Investigations: Processing Digital Evidence. 6th ed.,<br>CENGAGE LEARNING, 2018. <\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Summary This digital forensics company would function out of the city of Virginia Beach and willonly handle cases in the local Hampton area including Norfolk, Chesapeake, Portsmouth,Newport News, Hampton, and, of course, Virginia Beach. Because it is only focused on thisspecific area, it is a smaller office located in the back area in the main&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/aurorafrancis\/2025\/04\/23\/midterm-paper\/\">Read More<\/a><\/div>\n","protected":false},"author":27605,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":12},"categories":[12],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/aurorafrancis\/wp-json\/wp\/v2\/posts\/342"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/aurorafrancis\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/aurorafrancis\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/aurorafrancis\/wp-json\/wp\/v2\/users\/27605"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/aurorafrancis\/wp-json\/wp\/v2\/comments?post=342"}],"version-history":[{"count":3,"href":"https:\/\/sites.wp.odu.edu\/aurorafrancis\/wp-json\/wp\/v2\/posts\/342\/revisions"}],"predecessor-version":[{"id":347,"href":"https:\/\/sites.wp.odu.edu\/aurorafrancis\/wp-json\/wp\/v2\/posts\/342\/revisions\/347"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/aurorafrancis\/wp-json\/wp\/v2\/media?parent=342"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/aurorafrancis\/wp-json\/wp\/v2\/categories?post=342"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/aurorafrancis\/wp-json\/wp\/v2\/tags?post=342"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}