
You will be given a copy of a seized forensic image which contained email files. You should conduct a digital forensics investigation to analyse and identify any hidden evidence of

Assignment Tasks and Deliverables

You will be given a copy of a seized forensic image which contained email files. You should conduct a digital forensics investigation to analyse and identify any hidden evidence of unusual activity. You were also told that the MD5 hash value of the forensics image file should be MD5: 04e9372c241360ad1a0e9067635ade47

You can download a copy of the forensics image file here. Analyse this file and report your findings using the outline below. (For marking purposes, it is strongly recommended that you follow this outline.)

1. Explain how you downloaded the file, what precautions you took, and how you ensured its integrity. (1 mark)
2. Describe the actual content of the forensics image file. If there are multiple files, list their file names, types and MD5 hash values. (2 marks)
3. Given that "OM3.txt" has a bad signature and the original file header is (25 50 44 46 2d), what tools will you now use to proceed with your investigation, and why? (5 marks)
4. Discuss the steganography technique and describe, with screenshots, how you are going to extract any hidden file. (5 marks)
5. Discuss the bit-shifting technique and describe, with screenshots, how you are going to fix the corrupted file. (10 marks)

Expert Report: examples of what should be covered include (but are not limited to) a suitable cover page; summary; expert witnesses, tools used, methodology and procedures, complete statement of all opinions and conclusions; supporting facts and data; listing your findings; witness CVs. (7 marks) (No more than 2000 words excluding references. Witness CVs should be attached as appendices.)

1. Appendix 1: Any other relevant material you think is essential to support your submission, e.g. forms, templates used, etc.

Activity report immersivelabs: Your task is to complete 5 digital forensics labs (Introduction to Forensics: Windows Forensics; Order of Volatility; Timestomp; File Command). (click here for the registration guide) (10 marks)

PowerPoint Presentation (separate submission link on Moodle): a clear and concise presentation on the key findings and the methodology followed (suitable for a 5 min presentation). (10 marks)