1. What are the main questions that a forensic laboratory is bound to discover?
Crime scene investigators use a forensic laboratory to investigate crime. When the investigators analyze a crime scene, or samples of evidence from the scene, in the forensic laboratory, they ask themselves the following questions. Who participated in the crime? The investigators use the evidence at the crime scene, for example fingerprints, to determine the people who were present. The investigators also ask: what did they do? This question enables the investigators to determine each person's contribution to the crime. Other questions that they ask are: when did they commit the crime, and how did they do it? The investigators can determine the answers to all these questions using the evidence that they gather from the crime scene. However, they cannot answer the question of why. Usually, the investigators determine the motive of the crime by speculation, rather than from the evidence at the scene (Vacca, 2013).
2. Could the regular IT “build center” lab be used also as a forensic laboratory?
The regular IT lab is not suitable for forensic studies. The main reason for its unsuitability is that a forensic laboratory requires a lot of regulation, especially on hygiene, to ensure that the investigators get high quality forensic evidence (Vacca, 2013). The regular IT lab also does not have all the equipment that the investigators require when performing a crime investigation.
3. When should you start the chain of custody process?
The objective of the chain of custody process is to secure the scene of crime (Vacca, 2013). The importance of securing the scene is to prevent any kind of interference with the crime scene by people or bad weather (Vacca, 2013). The chain of custody is a process that starts the moment the crime scene investigators arrive at the scene. The first step is to secure the scene and prevent any unwanted access to it. Even before the crime scene investigators collect, tag, and bag evidence from the scene, they have to secure it through the chain of custody processes. Even after collecting the evidence, the investigators have to secure the scene for any necessary future use in the investigation (Vacca, 2013).
4. What requirements are necessary to house evidence?
Crime investigators must house the evidence that they get from their investigation in a secure and tamper-proof manner. They should lock the cabinets in which they store their evidence. They should also lock the rooms where they keep their evidence, and use evidence seals. Paperwork trails are also important for housing evidence safely (Vacca, 2013).
5. Is Paraben's P2 Commander a multi-threaded application?
Yes. Paraben's P2 Commander has features of a multi-threaded application. The back end of the database, for example, has high optimization to hold large amounts of multi-threaded data. Also, the database has high task scheduling capabilities, which enable it to process a lot within a short period of time (Vacca, 2013).
6. Name one open source and one commercial source that could be used to perform similar forensics to Paraben's P2 Commander.
PyFlag is an open source tool that performs the same forensic functions as Paraben's P2 Commander. PyFlag is web-based forensics software. It uses GUI log analysis. The software's developers used Python to write it. “SANS Investigative Forensics” is commercial software that works like Paraben's P2 Commander. The platform on which the SANS Forensics operates is the Ubuntu Operating System (OS). Its forensic investigation nature is multi-purpose (Vacca, 2013).
7. What is a “DD” file?
The short form “DD” stands for “Device Description”. A “dd” file is “An electronic data file, whose preparation follows the Device Description Language (DDL) specifications” (Vacca, 2013, p.167). The file describes the specific characteristics (features) and roles (functions) of a device. It includes the specifications of the graphic display characteristics and the menus, which the host application uses.
8. Does Paraben's P2 Commander allow you to investigate a laptop with a 64-bit operating system?
Yes. I can investigate a computer with a 64-bit OS, using Paraben's P2 Commander. Version 1.6 of the P2 Commander has added support for 64-bit, which makes it compatible with the OS, hence suitable for investigating such computers (Vacca, 2013).
9. Explain why it is a good idea to make an image or copy of the targeted image when conducting a forensic case analysis.
The copy or image of the target image guides the forensic examination. Also, the forensic examination process may face some problems that would limit the accuracy of the evidence. However, with a copy of the target image, the investigator easily overcomes such problems because the image guides him. It also offers an alternative that enables him to know whether an error occurred and compromised the final image, by comparing it with the copy (Vacca, 2013).
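The comparison described above can be done with hashes. This is an added example, not taken from Vacca or from the original answer: it records a SHA-256 baseline for an image, verifies a working copy against it, and locates the first block that differs after a simulated analysis error. The file names, the 4096-byte block size, and the choice of SHA-256 are assumptions, and the image contents are constructed sample data.

```python
import hashlib
import os
import shutil
import tempfile

BLOCK = 4096  # comparison granularity in bytes (assumed; any block size works)

def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large images never have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        while data := f.read(chunk):
            h.update(data)
    return h.hexdigest()

def first_mismatch(reference, working, block=BLOCK):
    """Return the byte offset of the first differing block, or None if identical."""
    offset = 0
    with open(reference, "rb") as a, open(working, "rb") as b:
        while True:
            x, y = a.read(block), b.read(block)
            if x != y:
                return offset
            if not x:
                return None
            offset += block

def demo():
    """Constructed scenario: image -> working copy -> accidental modification."""
    tmp = tempfile.mkdtemp()
    try:
        reference = os.path.join(tmp, "evidence.img")   # constructed sample image
        working = os.path.join(tmp, "working_copy.img")
        with open(reference, "wb") as f:
            f.write(bytes(range(256)) * 64)              # 16 KiB of sample data
        baseline = sha256_file(reference)                # recorded at acquisition
        shutil.copyfile(reference, working)
        clean = sha256_file(working) == baseline         # copy verified before use
        with open(working, "r+b") as f:                  # simulate an analysis error
            f.seek(9000)
            f.write(b"\x00")
        altered = sha256_file(working) != baseline
        return clean, altered, first_mismatch(reference, working)
    finally:
        shutil.rmtree(tmp)

if __name__ == "__main__":
    print(demo())
```
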
10. Describe in your own words, why it is so important to properly document and create cases to house all the relevant forensic information pertaining to an investigation.
Investigators need to retrieve the forensic information that they get from their investigations. Proper documentation enables them to locate and retrieve the forensic information easily. Cases for housing the information ensure that the quality of the information remains high, and that the information remains safe from any damage.
Vacca, J.R. (2013). Computer Forensics: Computer Crime Scene Investigation. Google Books.