*-------------------------  bmc_grad_readme.txt  -----------------------*
	This file describes the contents of the Graduate Education 
	& Current Projects section of my On-line Portfolio.

	Access to the Portfolio link is password protected.  If 
	you are interested in any of the contents of this Portfolio,
	you can contact me via e-mail to request the password.

/********************************************************************\
	Portfolio  ~  Graduate Education & Current Projects
\********************************************************************/
This section of my portfolio comprises selected practicals, papers &
presentations that I have written in the course of my graduate 
education and personal projects.


	Note:	Most of these zip files have been created to 
		retain relative paths or folder hierarchy.  Since 
		many folders contain files by the same name (like 
		a readme.txt file), it is recommended that if you unzip 
		a file with more than one program, that you retain the 
		folder hierarchy.
		
		For Example: 
		If you are using Norton Utilities File Manager, click 
		the "Use Stored Folders" option.  If you are using the 
		WinZip Utility, click the "Use Folder Names" option.

You have 3 different download options:

1) Download one .zip file containing my Graduate Portfolio: 
   bmc_grad_portfolio.zip

2) Download .zip files containing the 4 sections of this portfolio:
	
		Evidence_Recovery_Practicals.zip
			- Evidence Reports and Processing notes from 
			  "case" practicals from Computer Forensics I

		Networking_Practicals.zip	
			- Evidence Reports and Processing notes from 
			  "case" practicals from Computer Forensics II
			  
		Papers_Presentations.zip
			- Technical & Forensic papers & presentations
			  from Computer Forensics Graduate Certificate
			  Program
			  
		Tools_Forensic.zip
			- Forensic tools and utilities used in 
			  course practicals and investigations

 
	If you download these files, unzip them to a directory that 
	you have created for this purpose.

	When you unzip these files they will create 
	the following directories respectively:

		Evidence_Recovery_Practicals/
				CGS5131_Practical_01/
				CGS5131_Practical_02/
				CGS5131_Practical_03/
				CGS5131_Practical_04/
						
		Networking_Practicals/
			  	CGS5132_Practical_01/
				CGS5132_Practical_02/
				CGS5132_Practical_03/
								
		Papers_Presentations/
				CCJ6938_ComputerCrimeCosts_01.zip
				CrimeSceneInvestigationTermPaper.zip
				DOS_Attacks.zip	
						
		Forensic_Tools/
				DOS7_BootDisk/ 
				Prune_SeeJunk/
				PutFlop_GetFlop/	
					
* See the Scenario 3 Description for full descriptions of the 
  contents of each directory.	

  
3) Download the individual programs or documents:

   Bmc_Forensics/
	   Evidence_Recovery_Practicals/
				CGS5131_Practical_01.zip
				CGS5131_Practical_02.zip
				CGS5131_Practical_03.zip
				CGS5131_Practical_04.zip
				
		Networking_Practicals/		
			  	CGS5132_Practical_01.zip
				CGS5132_Practical_02.zip
				CGS5132_Practical_02.zip
				
		Papers_Presentations/
				CCJ6938_ComputerCrimeCosts_01.zip
				CCJ6938_Criminological Theory and Computer Crime - 02.zip 
				CrimeSceneInvestigationTermPaper.zip
				DOS_Attacks.zip

		Tools_Forensic/
				DOS7_BootDisk.zip 
				Prune_SeeJunk.zip
				PutFlop_GetFlop.zip 		


Scenario 3: Descriptions - Individual practicals, papers & presentations:

	Again if you unzip these files choose to retain the stored 
	folders or paths option in your zip utility.

Evidence_Recovery_Practicals/ files:
	(I have enclosed the image files of the floppy disk evidence - you
	can use the tools, putflop.exe and getflop.exe to extract this 
	image to a disk.)	
	
	CGS5131_Practical_01.zip 
		Recover the incriminating image/images of "Kitty" Pornography 
		believed to be on the disk.  (file recovery)
	
	CGS5131_Practical_02.zip
	    Determine if there is anything on the diskette which can be used 
		to further the current investigation of Mr. Ous with regard to 
		his financial activities.  (password protection)
	
	CGS5131_Practical_03.zip
		Recover any probative information contained on the disk that may 
		lend insight to the question of a possible security breach of 
		taking the files out of the office of employment of the suspect.  
		(slack space)
	
	CGS5131_Practical_04.zip 
		The evidence was recovered under a dead body.  The death does not 
		appear to be from natural causes.  (physical damage)
	
	
Networking_Practicals/ files:

	CGS5132_Practical_01.zip 
		Investigating bootable version of Linux called Trinux and a 
		software utility called VIAClean.
	
	CGS5132_Practical_02.zip  
		Investigating Unix / Linux commands and logs of forensic value.
	 
	CGS5132_Practical_03.zip
		Investigating SysInternals Utlilites: diskmon, filemon & pstools.	
		
		
Papers_Presentations/ files:

	CCJ6938_ComputerCrimeCosts_01.zip 
		Small research on the costs of Computer Crime in the US
		(MS Word 97 .doc file) 
		
	CCJ6938_Criminological Theory and Computer Crime - 02.zip
		Small research on the Criminological Theory and the sociology of the computer criminal
		(MS Word 97 .doc file)			
		
	CrimeSceneInvestigationTermPaper.zip
		Forensics Term Paper researching Crime Scene Investigation 
		(MS Word 2000 .doc file)
			
	DOS_Attacks.zip
		Presentation on Denial of Service Attacks
		(MS PowerPoint 95/97 .ppt file)
	
	
Tools_Forensic/ files:

	DOS7_BootDisk.zip 
		Image and readme.txt file for DOS 7 boot disk.
	
	Prune_SeeJunk.zip
		Two useful utilities, Prune and SeeJunk.
	
	PutFlop_GetFlop.zip 
		Imaging utilities to put and/or get an image from a 720 or 1.44 
		3.5" floppy diskette.
					  
*-------------------------  bmc_grad_readme.txt  -----------------------*