Your project for this class will consist of a case study concerning a fictitious company that competes in both the commercial and defense industries.

Your project for this class will consist of a case study concerning a fictitious company that competes in both the commercial and defense industries. The final deliverable will be a detailed Forensic Report based on a forensic image acquired from the company and other relevant information that you will be given (see the guide in the Doc Sharing area). It will be a professional-level product that will serve to showcase your skills in digital forensics acquired during your time at DeVry University.


During the first five weeks of the course, you will have an opportunity to practice your techniques and gain the knowledge required to solve your case by performing challenging but less complex assignments. Your final assignment starts at the beginning of Week 6 and will be due at the end of Week 7, giving you two full weeks for your investigation.


You will not be guided by extremely detailed procedures, so be prepared for some extensive research, practice, and knowledge gathering (questions, discussions, etc.) on your part! Welcome to the real world. Background Information Back to Top

Intelligent Imaging Solutions (IIS) has discovered that some of its most critical and strategic intellectual property (IP) is available for sale on the Internet. IIS is asking DeVry’s CCSI460 digital forensic experts (that means YOU!) to consult with its information security and network administrators to determine how this serious exposure occurred and to recommend appropriate actions. In addition to the exposure, there are other offenses that need documentation.

As a background, IIS has been in business for 15 years creating consumer-oriented navigation systems. They were the first to integrate Geographic Information Systems (GIS) and real-time satellite imagery data with proprietary software algorithms to create their revolutionary “ThinkingNavigator” product line. The TN-1 model has achieved market dominance in the two years since its introduction and IIS competitors are only now starting to implement some of its capabilities.


Recognizing the unique and advanced characteristics of their algorithms, IIS decided to enter into the defense industry with the U.S. government. Less than a year after their decision, they won a major top-secret contract with the Military Security Agency (MSA). This project would integrate IIS’s proprietary algorithms and GIS model with the MSA real-time image extraction processes to create the most sophisticated and automated threat-detection system. The security requirements for this top-secret project were new to IIS and during the first year of the project, the MSA discovered a number of exposures and filed three written violations.

Last month, during the beginning of the second year of the MSA contract, some of the IIS source code that was classified as top-secret was accidentally discovered on the Internet for sale. Prior to this discovery, there was no indication that any security breach had occurred. The CEO of IIS immediately placed all project data under the highest security and notified the MSA.


The MSA determined that seven weeks was an appropriate investigation timeframe and requires that the Final Forensic Report be delivered at the end of the seventh week.

Good luck investigators, and have a fun and great learning experience! Course Project Requirements Back to Top


The final project will be placed in the Doc Sharing area at the beginning of Week 6. It is an individual project and you have Weeks 6 and 7 to complete it. Its name is and is a 14.8MB compressed file. The zip file contains the disk image acquired through FTK Imager and the original FTK acquisition report. The image file is 15.5MB uncompressed so make sure your hard drive has that amount of space free.

Your case is to investigate the Intelligent Imaging Solutions (IIS) image and objectively report on the following.

Your determination of the IIS source code exposure, along with suspects and methods used for the exposure. Your determination of other suspicious and/or illegal activity within IIS.


This investigation should incorporate all previous knowledge gained in the previous CCSI courses, including Digital Crime, Forensics I, and this course.

Your copy of FTK, that you downloaded and installed in the Week 1 Lab, will be used for the investigation. Since this is a senior-level course and the final course in the forensic track, your ingenuity, knowledge, professionalism, and resourcefulness are assumed.

Project Documentation

A properly prepared Forensic Report: This report will be used in criminal proceedings. Remember that this is a professional report and will be graded as such so make it accurate, detailed, objective, professional, easy-to-read, and nice-looking.

During your investigation with FTK, you will be collecting information relating to your investigation and will be given the opportunity to save it in log files. If you consider these logs significant, attach them to the end of your final report as supporting documentation.

A Course Critique and Suggestion page is included at the end of this document and is required to be completed.