Wednesday, November 17, 2010

Forensic Analysis

Through the gracious donation of a copier from Les Olson Company, we’ve started a section on forensic analysis. We tackled this project based on an investigation by CBS News. You can see their report on the CBS News web site.

This kind of project is a departure for the Network Defense and Countermeasures course. However, we have a former student turned security engineer who was willing to give us a hand. And the upcoming visit by Assistant Director Hooper made it an easy decision.

Our first educational insight occurred when we discovered the “write blocker” device we used to practice (supposedly) sound forensic techniques ships with write features ENABLED. The lesson: know your equipment.

We’re also learning a lot about forensic software. One version works, another crashes. Some software is easy to use but finds nothing. Some students throw up their hands. Others shrug it off and look for different software or use their critical reasoning skills to head off in new directions. 

When we tackled this quest the students knew it wouldn’t be easy. I warned that we’d learn as we go. Even our Security Engineer mentor came up short on answers. But that's typical of any new endeavor. In this case reality flies in the face of book-based, paint-by-the-numbers exercises. As always the value – or lack thereof – of an assignment is proportional to the effort students are willing to commit to the task.
