Fictional teaching artefact
Law enforcement sensitive (simulation)
This page provides downloadable artefacts for assessment referencing. Documents are fictional and designed to model investigative tone and coordination workflow.
Artefacts Library
Students can cite IDs in their answers (example: CC-INTAKE-01).
| ID | Document | Date | Type | Link |
|---|---|---|---|---|
| CC-INTAKE-01 | Incident Intake Summary (LotusCare) (Day 1) | Day 1 | Open | |
| CC-PRESERVE-01 | Evidence Preservation Notice (Day 1) | Day 1 | Open | |
| CC-TRIAGE-01 | Initial Triage Assessment (Day 1) | Day 1 | Open | |
| CC-RFI-01 | Request for Information to LotusCare (Day 2) | Day 2 | Open | |
| CC-BRIEF-01 | Command Brief to Senior Leadership (Day 2) | Day 2 | Open | |
| CC-JURIS-01 | Jurisdictional Limitations Assessment (Day 5) | Day 5 | Open | |
| CC-RFI-02 | System Inventory Addendum — AI-Adjacent Services (LotusCare statement extract) | Day 2 | TXT | Open |
| CC-LOG-04 | Outbound Traffic Snippet (Redacted) — Endpoint Observations | Day 2 | TXT | Open |
| CC-EXH-05 | Recovered Negotiation Model Extract (staging directory artefact) | Day 2 | CSV | Open |
Analyst Reference & Research (External)
Background research consulted by analysts. These documents are not evidence and do not indicate use in the current investigation. Included to support student research.
| ID | Document | Date | Type | Link |
|---|---|---|---|---|
| CC-REF-01 | An Economic Analysis of Ransomware | 2020 | Academic research | Open |
| CC-REF-02 | International Legal Responses to Ransomware | 2025 | Academic / legal / policy analysis | Open |
| CC-REF-03 | Mandatory Ransomware Payment Reporting (Australia) | 2024 | Government policy | Open |
| CC-REF-04 | The Ransomware-as-a-Service Economy within the Darknet | 2020 | Academic research | Open |
| CC-REF-05 |
Hybrid GNN-based Link Prediction Model for Identifying Drug-related
Organised Crime Groups on Twitter
Advanced / optional technical reading on network inference methods.
|
2026 | Academic research (advanced) | Open |
Analyst prompt: consider what data access, legal thresholds, and validation steps would be required to apply
network-inference techniques during an active investigation.
Handling note: treat all external claims (media, leak site) as unverified until corroborated. Avoid premature attribution. Preserve evidence and maintain chain-of-custody (simulation).