Information Technology

CIS8708 Digital Forensics Assessment

30 March 2023 04:31 AM | UPDATED 1 year ago

CIS8708 Digital Forensics Assessment :

For solution: +610482078788



CIS8708 Digital Forensics Assessment
CIS8708 Digital Forensics Assessment

Assessment task information: CIS8708- Digital Forensics – Semester 1, 2023

Assessment 2: Report

Important notes for this CIS8708 Digital Forensics Assessment

This report is worth for 40% of your total mark for this course.

This report addresses the following course learning objectives (CLO) 2,3, and 4:

CLO2: reflect on and synthesise complex issues, problems, concepts and theories relating to securing diverse devices on non-wired networks;

CLO3: apply specialist knowledge and skills in enabling secure use of wireless, mobile and IoT networks to mitigate potential security breaches;

CLO4: critically examine cyber security breaches using forensic tools, processes, and procedures

  • This report is individual. Group submission will get a zero mark.
  • Check word limit. Your report should be concise and self-explanatory with respect to the word limit.
  • Any assumptions which you consider in doing your assessment MUST be stated clearly in your report.

CIS8708 – Report

This report has three questions to be completed. Compile your answers into a single MS Word or .pdf document and then upload to Study Desk. Your Report MUST include your Name, Student Number and course code (CIS8708) in the header of each page and include references and a bibliography where appropriate. When submitting your document/s, the file will be submitted to Turnitin for originality checking. Therefore, it is important to include necessary references and bibliographies in your submission.

Question 1 – 25 marks, 750 word maximum (CLO 2 and 4) A real-word investigation scenario at Woolworth retailer

Woolworth retailer has recently realized anomalies in its orders that are made by customer doing online shopping. It has undertaken an initial check of system log files, and there are a number of suspicious entries and IP addresses with a large amount of product data being sent outside the Woolworth software system firewall. Woolworth has also recently received a number of customer complaints saying that there is often a strange message displayed during online shopping and order processing, and they are often re-directed to a payment page that does not look legitimate. Your job is to conduct a digital forensic analysis process and data acquisition which relying on adopting a set of sophisticated tools.

  • Read the file named “Digital forensic tools-Recent advances and enhancing the status quo – supplementary material” which is under Module 6. A list of data acquisition tools is discussed in this file. Note that some of these tools may have been already discussed or referred to in Module 6.
  • Select 4 tools based on your interest. Then
    • Write a brief instruction (maximum 5 lines) of these tools and highlight at least 3 key features for each.
  • Write an analyse and discuss how these 4 tools can help you to conduct the whole investigation process including the identification of digital evidence and data acquisition.

Hint: your answers and examples should be exactly related to the scenario. General answers or examples that are irrelevant to the scenario are not acceptable.

Question 2 – 25 marks, 600 word maximum (CLO 2 and 3)

Consider the real-world scenario described in Question 1. Read the file named “Data acquisition process model” which is under Module 4. In particular, read carefully Figure 2 (UML activity diagram of the acquisition process).

Write a report, placing yourself in the shoes of a digital forensic detective for the local police office. Detail in the report, the steps that you are taken to gather evidence from IT support of Woolworth, Woolworth systems, and customers. In addition, explain 3 different obstacles that might you expect to encounter during the investigation case.

Question 3 – 50 marks, 300 word maximum (CLO 4)

The file named “Explainable artificial intelligence for digital forensics.pdf”, available under Assessment -> Written Report folder, explores the potential of Explainable Artificial Intelligence (XAI) to enhance triage and analysis of digital forensic evidence, using examples of the current state of the art as a starting point. The .pdf provides both practical and novel ideas as well as controversial points for leveraging XAI to improve the efficacy of digital forensic analysis. Read this file completely and read carefully in particular the case study Section 4.

Based on your understanding and lecture PowerPoints and relevant sources in the Study Desk during the course so far, provide 5 example challenges and 5 example advantages in using XAI to conduct digital forensic analysis.

Hint: You need to consider Figure 2 in the file named “Explainable artificial intelligence for digital forensics.pdf” and sections 3.4.1 and 3.3.4 in this file to organise your answers.

Written report Rubric
Student Name:  Date:   
Assessment 2 ReportWeighting: 40%Mark out of 100: /100   
 Criteria100 – 85%84 – 75%74 – 65%65 – 50%49 – 0%
Question 1Clarity of tool descriptionThe         description             ofThe      description            ofThe description ofThe description ofThe selected tools are
(CLO 2 andand justification (supportiveselected tools is complete,selected               tools                    isselected    tools isselected              toolsnot              explained
4)scenario-specific examples)distinct features for eachcomplete, distinctincomplete     orneeds            furthercompletely.       No
 the         strengths         andare discussed, and thefeatures for   each   arepartial,             distinctdevelopment (noexamples of   distinct
 weaknesses    of   tool   forway each tool is useddiscussed, and the wayfeatures    for                eachexample of   keyfeatures for each tool.
 investigation         includingduring the investigation iseach tool is used duringare well-explained,features).                 TheNo       example  or
 digital evidence and datawell-described.     Thethe investigation is well-and the way eachapplication  ofirrelevant examples of
 acquisition (25 marks)answers clearly   explaindescribed. The answerstool is used duringtools during   thetool application during
  how      the            tools            areclearly explain how thethe investigation isinvestigationthe          investigation
  collectively help with thetools are collectively helpunclear.                There                isprocess       inprocess.     The                  are
  investigation processwith    the    investigationpartial clarity aboutunclear                 (noseveral          presentation
  along     with           illustrativeprocess              along                 withhow these tools helpcontext-specificissues               including
  examples relevant to theillustrative exampleswith              theexamples                 arespelling/formatting.
  scenario.relevant to the scenario.investigationprovided). There 
   However, the applicationprocess         accordingare              some 
   of each tool and relevantto    the       scenario.presentation 
   examples to conduct theThere     are             someissues. 
   investigation process arepresentation issues.  
   not well developed and   
   justified (some examples   
   are too general, wrong,   
   or    irrelevant     to the   
Question 2Clarity of steps to be takenThe description of steps isThe description of stepsThe description ofThe description ofThe     description of
(CLO 2 andto gather   evidence   fromcomplete and supportedis somewhat   completesteps and identifiedsteps                andsteps and   identified
3)different      sources      andwith examples accordingand       supported           withobstacles                 needidentifiedobstacles are not well-
 justifications   for   differentto    the       scenario. Theexamples according tofurtherobstacles are tooexplained     and not
 obstacles (25 marks)identified           obstaclesthe scenario. However,development. Theygeneral        orrelated to the scenario.
  against the investigationthe investigation processare too general andincompleteIt is not clear how
  process are sound and relevant to the scenario along     with illustrative general and some identified obstacles need further development.not specific to the scenario.according to the scenario. There are                  some presentation issues.steps are performed, and obstacles are relevant to the scenario. The are several presentation issues              including spelling/formatting.
Question 3Context                 specific                  (noThe       description             ofThe      description            ofThe description ofThe description ofThe     description of
(CLO 4)general)                examplechallenges   andchallenges andchallenges orchallenges        orchallenges          or
 challenges    and                exampleadvantages related to XAIadvantages            related                   toadvantages relatedadvantagesadvantages related to
 advantages in using XAI toapplication    to conductXAI      application            toto XAI application torelated    to    XAIXAI     application to
 conduct    digital forensicdigital forensic   analysisconduct digital forensicconduct digitalapplication        toconduct                    digital
 along    with            rationale toare well described withanalysis    is       somewhatforensic analysis areconduct      digitalforensic analysis are
 select       the               examplesclear illustrative examples.complete,              clear,                 andincomplete, tooforensic analysisnot clear, wrong, or
 analysis (50 marks) specific to XAI. Somegeneral,             and              notarerelevant to XAI. The
   challenges andspecifically relatedunderdeveloped.are                  several
   advantages need furtherto XAI.They               arepresentation                   issues
   explanation or   support irrelevant,        tooincluding
   with examples. general, and notspelling/formatting.
     related    to   XAI. 
     There are some 


Additional Feedback:

Resources available to complete taskReferences are required and the Harvard AGPS standard of referencing must be used, including in-text referencing. Ensure that your Assignment is fully referenced, including any references to the textbook. Your User Manual should include a List of References using the Harvard AGPS standards. A useful link on referencing is from USQ’s Library site: <> Any direct and paraphrased quotes must be referenced using Harvard AGPS style and listed in the List of References. Do not repeat verbatim large portions of information from other sources such as the text or video – you must put the ideas/information in your own words. Only use small direct quotes where possible.
TurnitinTurnitin is a detection software OF CIS8708 Digital Forensics Assessment and text matching tool used in this course. Plagiarism checking is automatically done when you submit your assignment. An originality/similarity report is automatically created which checks the originality of your assignment. You can access and review the report. NOTE: ⚠ It may take up to 24 hours for a report to be issued from Turnitin ⚠ When the assignment has been checked, you will see a notice in the Files submission area. ⚠ The percentage mark given indicates the amount of text matched against the Turnitin Database. It is merely an indicator that should always be reviewed to identify where Turnitin have picked up potential plagiarism. ⚠ You may have the option to edit submission or the option to submit assignment, this is determined by your lecturer. ⚠ Once you submit assignment you are no longer able to edit it.
Assessment Policies & Procedures⚠ Information and links regarding USQ’s assessment policy/ procedure; extensions and late submissions; academic integrity & misconduct and marking are found on your course StudyDesk Assessment page. ⚠ Note on Late submission & extensions: Applications for an extension of time will only be considered if received in accordance with the USQ Assessment procedure and the Assessment of Compassionate and Compelling Circumstances Procedure. Refer to the links on StudyDesk for copies of these procedures.
Text Box: Academic Integrity
Your time at university is an opportunity to develop the knowledge and the skills you will need to succeed in your chosen profession. Academic integrity is essential in ensuring the quality of your education and development. Academic Integrity means acting with the values of honesty, trust, fairness, and respect in learning, teaching and research. It celebrates the genuine achievements made by yourself and your peers.
Breaches of academic integrity undermine your development and the ability of you to work at the level needed after you graduate. Academic Misconduct includes but is not limited to


Also visit:

For solution: +610482078788