CHFI v3 Module 06 Computer Forensic Lab.pdf

Computer Hacking Forensic Investigator
Module VI
Computer Forensic
Laboratory Requirements
Forensic Services: Case Studies
(vogon-international.com)
Copyright © by EC-Council
All Rights reserved. Reproduction is strictly prohibited
Case Studies
The needle in the haystack
One client suspected possible misuse of their computer systems with regard to the
Internet. A covert examination of over 60 machines uncovered a trail of misuse
within the company, resulting in the successful conviction of one person for handling
child pornography and a number of disciplinary cases for the downloading of
pornographic images. Our advanced forensic software and hardware made it possible
for us to home in on the most suspect computers and deal with them all on-site in
just one day.
The big pay-back
Another client was ecstatic when our examination of one of their employee's
computers revealed that they had been downloading valuable client information in
order to start up a rival business. They declared the potential savings to them to be in
the region of US $10 Million as a direct result of two days of our consultancy time.
A natural attraction
An insurance company were contesting a claim for £100,000 for loss of all data from
a company's central computer. The computer had allegedly been flattened by a large
industrial magnet and all the data had disappeared from the hard disk. We were able
to confirm the extensive damage to the casing and motherboard of the computer, but
the hard disk was undamaged and we recovered all the data from it, thus saving the
insurance company from a fraudulent claim.
Sold a pup
A large corporate company had paid a considerable sum of money upon delivery of
a state of the art computer system running on a mirrored RAID array. They could
not get the system to work at all and called us when the supplier refused to co-operate
further. Extensive examination of the hard disk revealed that none of the
operating system files were present and that what had been delivered would never
work.
Dial a date
We were called in by a leading London company when they discovered that files
were going missing from their central computer systems. A covert operation
followed and we were able to prove that it was a disgruntled ex-employee who was
dialing in through a forgotten modem and tampering with their data.
The Y2K scam
A bookkeeping firm called us in when they began to experience problems with data
relating to dates past the millennium. They could not understand why they were
experiencing these problems as they had paid a computer firm to upgrade their
computers to be able to cope with the Year 2000. We checked all of their machines
and were able to confirm that no Year 2000 software had been loaded on the
machines and that they had been defrauded.
Case Studies: Computer Forensics Case Examples
Theft of Intellectual Property
The President of a software development company and its lead programmer resign within a short
period, each claiming that they had not found other jobs. A mirror image of these former employees'
computer hard drives was made and searched. Deleted files showed that the President was working
on a start-up budget and was negotiating a long-term software development contract. Recovered
e-mails and attachments showed that the lead programmer was sending confidential files to his home
computer. A preliminary injunction was obtained preventing the former employees from starting a
competing business.
Family Law: Divorce
In a divorce case, a computer forensics examination was performed on the husband's home
computer and discovered that the computer contained a second hard drive which had been
temporarily disconnected. A mirror image of the hard drive was performed and password-protected
spreadsheets were located. Using password cracking capabilities, hidden assets, in the form of
online stock purchases and financial records, were discovered.
Due Diligence: Mergers & Acquisitions
After a purchaser company brought a suit against a vendor company regarding the sale of one of its
subsidiaries, the purchaser, using computer forensics, discovered a deleted e-mail and spreadsheet
attachment showing that at the time of the sale, the vendor knew its subsidiary was not a viable
going concern contrary to the representations that had been made in the closing documents.
Source: http://www.haforensics.com/s2.asp