Professional Documents
Culture Documents
It describes in detail the chain of custody process for the computer and USB memory.
Calculates the MD5 and SHA1 hashes of the acquired forensic images.
Dedicate a section of the report to analyze the security policy. Can the company analyze the
employee's computer? And your email? And the USB stick?
The company asks the expert for a list of the files contained in the USB memory and a
description of their content. Note: this USB stick comes from another forensic scene and
contains erased information; this information should not be retrieved.
Information sources
The following pieces of digital information are provided to the student:
Confidential electronic files should be stored and maintained on authorized external storage
devices and on secure network drives.
Paper documents and confidential electronic files can only be consulted within the
permitted hours of 10:00 a.m. to 4:00 p.m., with the corresponding permissions.
Unauthorized electronic devices, such as laptops, portable storage devices, and smart
devices, cannot be brought into the company.
All employees must go through the security control system.
All storage devices like HDD, SSD, USB sticks, and CD / DVD are prohibited under the security
control rules.
Personal use of corporate computer equipment is prohibited.
The worker is advised that the company can analyze corporate computer systems with
justified cause and that he should not have any expectation of privacy when using them.