An investigative report is a forensics report that defines the details of an incident, contains all information required to explain the conclusion, and holds legal inspection. It is used to communicate the results of the forensic investigation.
This lab will show you how to create an investigative report that identifies the continuity of the information and describes the procedures utilized during investigation. It will teach you how to:
Create an investigation report
Add appropriate recommendations
Add a concise summary of conclusions
Michael, a forensic investigator, has been working for the Federal Bureau of Investigation (FBI). His senior forensic investigator asked him to investigate the evidence from a raw/dd image of a hard disk partition. During the investigation process, Michael found various malicious files in the raw/dd image. As an expert forensic investigator, he analyzed all the files and extracted the evidence.
Now he needs to create an investigative report that provides detailed information of the complete investigation process. He needs to create an investigative report that should be clear and written in a neutral language tone so that his senior forensic investigator and other readers are able to understand it.
Computer Forensics Exercises / Investigative Reports contains the following Exercises:
- Creating an Investigative Report Using ProDiscover Tool
The Virtual Private Cloud for this Lab set utilizes:
Computer Forensics Exercises are available as part of the following subscription:
Each subscription provides 6 months access to 34 Different Exercises.
Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise. The Computer Forensics Exercises are designed to give the user an ultimate hands-on experience. Each exercise category above has it’s own Virtual Private Cloud that comes preconfigured with Vulnerable websites, Victim Machines, and the environment is LOADED with tools, we even provide investigation files, hard disk clones and targets. Included in your network share are all the supporting tools required to practice in the Cyber Range / Lab environment.
Lab exercises are included for:
- Computer Forensics Investigation Process
- Computer Forensics Lab
- Understanding Hard Disks and File Systems
- Windows Forensics
- Data Acquisition and Duplication
- Recovering Deleted Files and Partitions
- Forensics Investigation Using AccessData FTK
- Forensics Investigation Using EnCase
- Steganography and Image File Forensics
- Application Password Crackers
- Log Capturing and Event Correlation
- Network Forensics, Investigating Logs and Investigating Network Traffic
- Investigating Wireless Attacks
- Tracking & Investigating Email Crimes
- Mobile Forensics
- Investigative Reports