Monday, February 19, 2018

Setting up a digital forensic lab for student work and education

Setting up a digital forensic lab is not an easy process, and setting up a lab for student education is even harder, because the lab has to provide a real-life environment and an educational setup within a single infrastructure.
Since most educational infrastructure is cloud oriented, it is worth using the cloud as the environment or as the basic infrastructure. Because the tools are so heterogeneous, the setup and configuration are not easy to define.
All tools must be usable, and all scenarios must be available.

We decided to use lab management software to create an environment for work that is as open and tool-agnostic as possible. Foreman is a simple but very streamlined open source lab management tool; being platform agnostic is its best feature.
As the main lab case management tool, it allows us to define real-life cases, or educational cases in real-life style, for executing all steps of the digital forensic model.
Since Foreman enforces a workflow, it requires additional standard paperwork (forms) to cover task control and quality assurance.
Students are defined as investigators and are tasked with executing forensic tasks that are defined and delivered to them through the Foreman interface. Teaching staff form the case administration and QA part of the process, where getting a positive grade means that the investigator's work has passed the minimal QA controls. Handling evidence, storing it, accessing tools and producing reports are only recorded in Foreman, not done in Foreman, but this tracking is still a key part of the forensic process monitored by Foreman.
Such an approach allows us to use practically any forensic tool available. It also provides a real-life, combined but not fully integrated environment, where success depends not only on skills but also on administrative discipline and the ability to follow procedures.

7.3.2018 Setting up the paperwork necessary for a proper tool flow is a complex task: it should be as realistic as possible, while remaining flexible enough to allow variations for different types of cases. The environment should cover not only static case processing but also real-time incident situations.