Scribd
Upload
91 views5 pages

CNF Assignment 3

This document outlines the requirements for setting up a medium-sized digital forensic lab, including: 1) Defining the scope of services the lab will provide, such as focusing on specific device types or cases. 2) Ensuring proper physical security of the lab space including locking mechanisms, visitor logs, and restricting access to evidence. 3) Determining an appropriate layout with multiple workstations, exits, and separate offices or cubicles to maintain confidentiality. 4) Developing policies and procedures for lab management, inventory, case handling, training, security, and long-term financial planning.

Uploaded by

Tayyab Rafique
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
91 views5 pages

CNF Assignment 3

This document outlines the requirements for setting up a medium-sized digital forensic lab, including: 1) Defining the scope of services the lab will provide, such as focusing on specific device types or cases. 2) Ensuring proper physical security of the lab space including locking mechanisms, visitor logs, and restricting access to evidence. 3) Determining an appropriate layout with multiple workstations, exits, and separate offices or cubicles to maintain confidentiality. 4) Developing policies and procedures for lab management, inventory, case handling, training, security, and long-term financial planning.

Uploaded by

Tayyab Rafique
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

Assignment No 3

Name Tayyab Rafique


Enrollment: 01-245191-010
Class MSTN
Course Computer &Network Forensic
Submitted to Sir Waseem Iqbal
Business plan for medium scale Digital Forensic Lab

Scope of Forensic lab:


The first step in this process should be to define the scope of your lab. Will this lab be a full-
service digital forensics lab that handles all types of devices and case work, or will it be a lab that
is focused on one particular niche such as mobile forensics? If you first define the scope of your
lab, then you will be better able to address exactly what issues you need to consider and to what
extent they will be relevant for your lab.

Physical Requirements for a computer forensic lab

 Most of your investigation are conducted in a lab


 Lab should be secured so that evidence is not lost, corrupted or destroyed.
 Provide safe and secure physical environment.
 Keep inventory control of your assets. (know when to order more supplies)
 Should have proper hardware and software tools for examining the evidence

Identifying lab security needs


Security facility
 Should preserve the integrity of evidence data
Minimum Requirements
 Small room with true floor to ceiling walls
 Door access with a locking mechanism
 Secure container
 Visitors log
 People working together should have same access level
 Brief your staff about security policy
Using Evidence Containers
Known as evidence locker
Must be secured so that no unauthorized person can access the evidence.
Recommendations for securing Evidence Containers
 Locate them in a restricted area.
 Limited number of authorized people to access the container
 Maintain record on who is authorized to access each container
 Containers should remain locked when not in use.

Determining layout for medium size digital forensic lab

Medium size digital forensic labs are typically those which are made for private business.
 Have more work stations as compared to small size lab
 Should have at least two exits for safety reasons
 Cubicles or separate offices should be in the layout to reinforce confidentiality
 More library space for hardware and software storage and management

Staff Training:


Basic Computer forensics knowledge
 International Association of Computer Investigative Specialists
(IACIS)
 NW3C – BDRA, ADRA (Basic/Advanced Data Recovery)
 Tool Specific Training
 Encase
 FTK
 Ilook
 Legal training – Search Warrants, testifying, computer crime laws and
issues for country.
o ™ NOTES:
 The field of computer forensics requires daily learning, technology
changes everyday
 Testing – Each Examiner should take and pass a competency test,
to show they understand both forensic principals as well as tool
use.
Stocking Labs

Hardware
Any lab should have in stock:
 IDE cables
 Ribbon cables for floppy disks
 Extra USB 3.0
 SCSI cards
 Graphic cards
 Hard disk drives
 Computer hand tools

Software
Maintain licensed copies of software like
 Microsoft office (current and older version)
 Quicken
 Programming languages (visual basic a visual c++)
 Peachtree and QuickBooks accounting applications

Various OS versions including


 Windows 95, 98, XP ,7, 8,8.1,10
 Linux distros
 Mac OS 7,8,9 and 10
Lab Management
When the lab is operational. Some of the key lab management issues to consider should be:
 Choose a lab manager
 Implement policies and procedures for forensic analysis and reporting
 Adhere to policies and procedures
 Implement standard naming conventions for images, files, and reports
 Implement standard reporting templates
 Implement an evidence inventory system
 Implement a lab inventory system for tools, hardware and software
 Conduct a yearly audit on lab inventory and track maintenance contracts
 Implement a case management system
 Implement a training policy
 Implement a security review policy
 Implement a software and hardware validation policy
 Implement policies and procedures for data storage and archiving to include at least
annual testing of data backup systems
 Implement a 1-, 3-, and 5-year budget plan for the lab

You might also like