Investigate an Incident Through Digital Forensics

Capstone project applying incident response frameworks and practical digital forensics tasks, including USB imaging and evidence analysis.

Overview

This capstone project simulated a real-world security incident affecting Oceanix Living, a manufacturing organization. The scenario involved compromised data and required a structured, time-sensitive response. The focus was on applying an appropriate incident response framework and performing a digital forensics investigation to preserve and analyze evidence.

Completion date: 02 Jan 2026
Duration: 1 hr 40 mins


Objectives

By completing this project, I demonstrated the ability to:

  • Investigate incident reports through digital forensics workflows
  • Create a forensic image of a USB flash drive
  • Analyze digital evidence to identify relevant findings and support an incident timeline

What I Did

Incident response framing

  • Applied an incident response approach tailored to a manufacturing environment
  • Prioritized evidence preservation and investigative sequencing under realistic constraints

Evidence acquisition (USB imaging)

  • Created an image of a USB flash drive for forensic analysis
  • Maintained an evidence-handling mindset aligned with integrity and repeatability

Evidence analysis

  • Analyzed the collected evidence to extract investigation-relevant artifacts
  • Interpreted findings in the context of incident reports and the compromise scenario

Assessment

This capstone included two assessments:

  1. A project-based assessment requiring an 80% score to pass (with retries available)
  2. A 10-question assessment requiring an 80% score to pass (with retries available)

Skills Applied

  • Incident response process selection and application
  • Digital forensics fundamentals (acquisition and analysis)
  • Evidence handling mindset (integrity, repeatability, defensibility)
  • Practical investigation reasoning under time pressure