BFN1 Task 1 WGU D431: Investigative Plan of Action
1. Strategy to Maximize Evidence Collection & Minimize Impact
As a professional, I understand that this investigation must balance two primary goals: the thorough
and uncompromising collection of relevant evidence, and the careful preservation of the day-to-day
operations and morale within your company.
To accomplish this, I’ll outline a clear scope for the investigation, focusing specifically on the actions and
systems related to accusations surrounding John Smith, while maintaining respectful boundaries with
the rest of your team. All my actions will be meticulously documented, ensuring a transparent and
accountable process.
1. Minimal System Disruption: To reduce the impact on business operations, we'll employ
strategies like Live Forensics, where possible, to collect evidence from running systems
without shutting them down. We'll also schedule any disruptive activities (like system
imaging) for off-peak hours to minimize downtime.
2. Preserving Business Continuity: Where necessary, we'll work with your IT department to
create backups or clones of critical systems before we start our investigation. This helps ensure
that even if we need to take a system offline for a while, a copy can be made available to keep
your operations running smoothly.
3. Employee Communication: We believe in maintaining transparency while respecting privacy.
We'll keep relevant personnel informed about the general progress of the investigation,
without revealing sensitive details. This can help alleviate any potential anxiety among your
staff and maintain trust.
4. Documentation: Every step of our investigation will be meticulously documented. This ensures
transparency, aids in maintaining the chain of custody for collected evidence, and can be
critical in case of any legal proceedings.
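As an added illustration of the documentation step (not part of the original plan and not the output of any tool named in it), the sketch below keeps a tamper-evident chain-of-custody log: each entry records the SHA-256 of the evidence item and the hash of the previous entry, so a later edit to any record is detectable. The field names, the `EV-001` style identifiers used with it, and the function names are assumptions chosen for the example.

```python
import hashlib
import json
from datetime import datetime, timezone

GENESIS = "0" * 64  # prev_hash value used by the first entry in a log

def sha256_file(path, chunk=1 << 20):
    """Hash an evidence file in chunks so large disk images fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def _entry_hash(entry):
    # Hash every field except the stored hash itself, in a stable key order.
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def append_entry(log, evidence_id, action, handler, evidence_sha256, when=None):
    """Append one custody event, linked to the previous entry by its hash."""
    entry = {
        "seq": len(log),
        "time_utc": when or datetime.now(timezone.utc).isoformat(),
        "evidence_id": evidence_id,
        "action": action,
        "handler": handler,
        "evidence_sha256": evidence_sha256,
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry["entry_hash"] = _entry_hash(entry)
    log.append(entry)
    return entry

def verify_log(log):
    """Return the index of the first altered or misordered entry, or -1."""
    prev = GENESIS
    for i, e in enumerate(log):
        if (e["seq"] != i or e["prev_hash"] != prev
                or e["entry_hash"] != _entry_hash(e)):
            return i
        prev = e["entry_hash"]
    return -1

def evidence_unchanged(log, evidence_id):
    """True if every recorded hash for this evidence item is identical."""
    hashes = {e["evidence_sha256"] for e in log if e["evidence_id"] == evidence_id}
    return len(hashes) == 1
```

Re-running `sha256_file` on an image before each analysis session and appending the result gives the log a verifiable record that the working copy still matches what was acquired.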
2. Tools and Techniques for Evidence Gathering & Analysis
In this era of complex digital environments, it's imperative that we utilize a varied toolkit and
multi-faceted techniques for our investigation. We're aiming to cover as much ground as possible,
while also maintaining a keen focus on the most likely sources of evidence.
• Digital Forensic Tools: Our investigation will be armed with state-of-the-art digital forensic
tools. Software like FTK Imager and EnCase, known for their powerful data analysis capabilities,
will enable us to capture and examine data from various digital sources. Autopsy, a highly
regarded open-source digital forensics platform, will be another important tool in our arsenal,
providing us with a versatile platform for comprehensive data analysis.