posted by peter on .
As a computing investigator for your local sheriff’s department, you have been asked to go with a detective to a local school that received a bomb threat in an anonymous email. The detective already has information from a subpoena sent to the last know ISP where the anonymous email originated, and the message was sent from a residence in the school neighborhood. The detective tells you that the school principle also stated that the school’s web server had been defaced by an unknown computer attacker. The detective has just obtained a warrant for the search and seizure of a computer at the residence that the ISP identified. Prepare a list of items that should be included in an initial response field kit to ensure that the preservation of computer evidence is maintained when the warrant is executed.
Try some of the following sites:
Google "Electronic Crime Scene" it will be in pdf format by U.S. Department of Justice, Office of Justice Programs
National Institute of Justice and contains what you need to know to help you answer this question