M57-Jean

March 13th, 2012 Leave a comment Go to comments

The M57-Jean scenario is a single disk image scenario involving the exfiltration of corporate documents from the laptop of a senior executive. The scenario involves a small start-up company, M57.Biz. A few weeks into inception a confidential spreadsheet that contains the names and salaries of the company’s key employees was found posted to the “comments” section of one of the firm’s competitors. The spreadsheet only existed on one of M57′s officers—Jean.

Jean says that she has no idea how the data left her laptop and that she must have been hacked.

You have been given a disk image of Jean’s laptop. Your job is to figure out how the data was stolen—or if Jean isn’t as innocent as she claims.

Materials:

  1. Anders Carlsson
    May 8th, 2012 at 06:55 | #1
    Reply | Quote

    Hi
    I cant read the disk images ???
    I do not have Encase, I have FTK and Autopsy
    the First one is accepted, not .E02 ????
    but there is only “free space” cant find any files.

    pleas help me

    Anders

  1. No trackbacks yet.

 
"This material is based upon work supported by the National Science Foundation under Grant No. 0919593. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation."