Cloud Forensics and Encryption.
I need an explanation for this Computer Science question to help me study.
Project 3 Start Here
Yvonne, your manager, has asked you to continue to assist law enforcement by working to recover case-related information from encrypted files and artifacts that the law enforcement team has not been able to access. There are two computer images that contain encrypted files, and law enforcement has been trying to decrypt the files while working on each image individually. The feeling is that the case can be cracked wide open with the evidence contained in the encrypted files, so this has become a high priority.
You know that there are a variety of tools and techniques to perform decryption. Because encryption often uses a mathematical element, decryption is generally best performed in an environment that is optimized for mathematical operations. Video games and other graphic intensive applications are also mathematically intensive, so the video game environment can provide insight into architecting a decryption environment. Graphic cards can be 50 to perhaps 100 times faster at processing decryption than physical memory (RAM). Ultimately, utilizing an environment that has the ability to leverage one or more high speed graphic cards can be a tremendous boost in decryption time.
In this lab we don’t have the luxury of using a specialized decryption environment with multiple parallel high-speed graphic cards. However, the two computer images are small, so processing time isn’t as long as it would be if we had large computer image files to work through.
In this project you will use Access Data’s Forensic Toolkit (FTK) and Password Recovery Toolkit (PRTK) to attempt to decrypt a number of different types of encrypted files. There are a variety of ways to attempt decryption, including brute force and the use of word lists.
This project consist of six steps:
- Create a Case
- Evaluate the Challenges Presented by Cloud Computing
- Identify Encrypted Files and Artifacts
- Create a Word List and Prepare to Carry Out the Decryption Attack
- Carry Out the Decryption Attack and Write a Report
- Submit Your Final Decryption Report
Your final decryption report will be assessed on the quality of documentation of your approach and the decrypted files, passwords, and/or decryption methods.
Now that you have an idea of the task ahead, click on Step 1 to get started.
When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
- 3.4: Employ software applications and analytic tools to analyze, visualize, and present data to inform decision-making.
- 6.7: Access encrypted data or process data and systems that have been subjected to anti-forensics techniques.
- 7.1: Conduct forensic analysis on a database system.
- 7.2: Ensure evidence integrity.
- 7.3: Utilize investigation techniques.
- 7.4: Utilize scripting (programming).
- 9.1: Examine Data Storage and Transport Technologies.
- 9.2: Evaluate Enterprise Architecture.