±Forensic Focus Partners

±Your Account


Nickname
Password


Forgotten password/username?


Membership:
New Today: 2
New Yesterday: 10
Overall: 27381
Visitors: 68

±Follow Forensic Focus

Join our LinkedIn group

Subscribe to news

Subscribe to forums

Subscribe to blog

Subscribe to tweets

Need Help with Scenario based questions/Law Enforcement/Test

Discussion of forensic issues related to all types of mobile phones and underlying technologies (GSM, GPRS, UMTS/3G, HSDPA, LTE, Bluetooth etc.)
Subforums: Mobile Telephone Case Law
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Go to page 1, 2, 3  Next 
  

Need Help with Scenario based questions/Law Enforcement/Test

Post Posted: Tue Feb 25, 2014 3:33 pm

Hey all,

New member - love the forums they have a multitude of information. I have searched for a while and haven't found what I am looking for so here goes...

I am a small business owner who will soon be offering small classes to law enforcement and would like some help if possible designing some test questions and real life results.

I am looking for examples (in a test format in a perfect world) where one could use a pen and paper to solve. I have created a few: Suspect A is captured, iPhone on the table is not locked, battery at 40%. What should the officer do first? What could happen if the phone dies? etc...

I don't know if this is possible, just asking to see if anything is out there or if anyone has suggestions on what they run into the most doing forensic searches?

The main software I use currently is Cellebrite UFED Ultimate.

Thanks for the help!

Adam  

MobileDNA
Newbie
 
 
  

Re: Need Help with Scenario based questions/Law Enforcement/

Post Posted: Tue Feb 25, 2014 4:57 pm

I hope I have not got the wrong end of the stick and I appreciate guidelines/methods may differ in the US to the UK, but here it goes:

1. Questions on forensic guidelines, what a forensic analyst must adhere to. (in the UK it would be ACPO guidelines).

2. What would you do if presented with an exhibit bag containing a mobile phone (which cannot be fully accessed without a SIM Card) and a SIM Card (which was not inserted and may/may not be associated with the device) separately and what could the affects be if the SIM Card was inserted into the mobile phone?

3. What methods could be applied to prevent network connection to a device?

4. If a device was not seized in the correct manner (e.g.: a battery was removed) what could be affected on the device in question? or if the device was turned on/activated with a memory card inserted, what would the affects be?

5. If the connection port is damaged/missing, what would you do? what alternatives methods could be used to obtain the notable data?

6. What data extraction method would you apply if the points to prove for the case was focused on obtaining deleted data? what alternative methods could you use to carve for deleted pictures files etc?

7. If you wanted it to be software specific (you mention you mainly use Cellebrite); scenario: you have completed a file system data extraction from an iOS/Android device, physical analyser has decoded WhatsApp chat messages, however you are missing chat BBM chat messages, what others methods could you use to view (SQLite db files) or/and parse the BBM data using third party tools?

I hope this helps. They are kind of basic things, but I wasn't to sure if you wanted more Q's on how data is stored and file systems etc.......... Smile  

DCS1094
Senior Member
 
 
  

Re: Need Help with Scenario based questions/Law Enforcement/

Post Posted: Tue Feb 25, 2014 5:01 pm

I love it. Thank you!  

MobileDNA
Newbie
 
 
  

Re: Need Help with Scenario based questions/Law Enforcement/

Post Posted: Mon Mar 03, 2014 9:17 am

To provide a proper answer I need to know who your target group is. I know LE - but more specifically. Front line officers who will be executing searches, seizing equipment and then forwarding it their respective digital crimes unit for further/detailed analysis and examination?  

ForensicRanger
Senior Member
 
 
  

Re: Need Help with Scenario based questions/Law Enforcement/

Post Posted: Mon Mar 03, 2014 10:44 am

This would be for front line officers. More of an introduction to cell phone forensics. Information around what can be found or used would be helpful. My target would be smaller le departments without the technology yet.

Hope that helps.

Adam  

MobileDNA
Newbie
 
 
  

Re: Need Help with Scenario based questions/Law Enforcement/

Post Posted: Mon Mar 03, 2014 3:24 pm

Adam,

I know I am mixing apples and oranges, but here is another scenario.

You are called to a possible child abduction at the local Wal-Mart. Store security has already confirmed a small female child was led outside the front door by a white male. The suspect forced the child in a blue van and drove off. A mother stated her niece had a cell phone in her jacket with the phone number 423-123-4567.

Question: What do you do with the number and are the capabilities of all cellular service providers the same?
_________________
Ed

I'm not a cellular technology expert, but I did stay at a Holiday Inn Express last night. 

hcso1510
Senior Member
 
 
  

Re: Need Help with Scenario based questions/Law Enforcement/

Post Posted: Mon Mar 03, 2014 3:33 pm

Thanks Ed. I hadn't thought of that one yet. Appreciate it!  

MobileDNA
Newbie
 
 
Reply to topicReply to topic

Share this forum topic to encourage more replies



Page 1 of 3
Go to page 1, 2, 3  Next