IM521 Digital Forensics
Assessment Task 2 – Digital Forensic Standards and Investigation Framework Report
Weight: 30%
Due: Week 9
Word Limit: 2000 words (+/- 10%)
Unit Learning Outcomes Assessed
LO2 Apply advanced tools and techniques to conduct digital forensic investigations
LO3 Critically analyse ethical and legal challenges in digital forensics
LO4 Critique forensic methods and tools to preserve digital evidence
LO5 Identify and interpret digital artefacts in complex investigations
Purpose of the Assessment
Digital forensic investigations must follow structured standards, guidelines, and legal procedures to ensure that digital evidence is correctly collected, preserved without alteration, analysed using validated tools, and presented in court as admissible evidence. This assessment requires students to critically evaluate major digital forensic standards and apply them to a simulated investigation scenario.
Assessment Task
Students must produce a 2000-word analytical report that:
1. Explains the digital forensic investigation process
2. Critically evaluates major forensic standards
3. Applies these frameworks to a realistic cybercrime scenario
4. Analyses legal and ethical issues
5. Provides professional recommendations
Recommended Report Structure
1. Introduction (Approx. 200 words)
Introduce digital forensics, explain the importance of digital evidence in modern investigations, describe the role of standards and frameworks, and outline the structure of the report.
2. Digital Forensic Investigation Process (Approx. 400 words)
Explain the digital forensic lifecycle including identification, preservation, collection, examination, analysis, and presentation. Reference frameworks such as NIST Digital Forensics Framework, ISO/IEC 27037, and ACPO Digital Evidence Principles.
3. Analysis of Digital Forensic Standards (Approx. 500 words)
Analyse at least two digital forensic standards such as ISO/IEC 27037, NIST SP 800-86, ACPO Digital Evidence Principles, or the Electronic Discovery Reference Model (EDRM). Discuss scope, key principles, advantages, and limitations.
4. Application to Investigation Scenario (Approx. 600 words)
A large agribusiness company suspects that an employee has stolen proprietary crop analytics data and shared it with a competing company. Suspicious email activity, large data transfers, and unusual USB usage have been detected. Explain how you would conduct the investigation including evidence collection, forensic tools, preservation, and artefact analysis.
5. Ethical and Legal Considerations (Approx. 200 words)
Discuss privacy issues, evidence admissibility, jurisdiction challenges, and ethical responsibilities of digital forensic investigators.
6. Conclusion (Approx. 100 words)
Summarise key findings and emphasise the importance of digital forensic frameworks in ensuring credible and legally admissible investigations.
Referencing Requirements
Students must include a minimum of 8 academic references including peer‑reviewed journal articles, cybersecurity reports, and forensic standards documentation. Referencing style: APA 7.
Detailed Marking Rubric
| Criteria | HD (80–100) | D (70–80) | C (60–70) | P (50–60) | F (<50) |
| Understanding of Digital Forensics Concepts | Comprehensive understanding with strong theoretical integration | Strong understanding with minor gaps | Reasonable understanding but limited depth | Basic understanding with some inaccuracies | Poor or incorrect understanding |
| Analysis of Forensic Standards | Excellent critical evaluation of standards | Strong analysis with good comparison | Adequate explanation but limited evaluation | Mostly descriptive discussion | Minimal or incorrect discussion |
| Application to Case Scenario | Highly logical and realistic investigation plan | Good application with minor gaps | Reasonable attempt but lacks depth | Basic application with limited reasoning | No meaningful application |
| Identification of Digital Evidence | Sophisticated identification and interpretation | Strong identification of artefacts | Adequate identification | Limited identification | Evidence types misunderstood |
| Legal and Ethical Analysis | Insightful discussion of legal and ethical implications | Good analysis with clear understanding | Moderate discussion | Basic mention of issues | Missing or incorrect |