top-rated free essay

Assignment unit 3

By davico19 Jun 14, 2015 664 Words


Assignment Unit 3
Part I Hands-On Steps
Part 1: Use WinAudit to inventory the vWorkstation
1. Figure 1 shows screen shot of system overview using WinAudit a. Figure 1

2. Figure 2 shows screen shot of Windows Firewall findings.
b. Figure 2

3. Figure 3 shows screen shot of user accounts findings.
c. Figure 3

4. Figure 4 shows screen shot of Drive C findings.
d. Figure 4

5. Figure 5 shows screen shot of Physical Disk.
e. Figure 5

Part 2: Use DenManView to identify system devices
1. Figure 1 show screen capture of CDROM and System CMOS/real time clock. . Figure 1

There are 89 devices identified by DenManView.
Part 3: Use Frhed to perform a byte-level file analysis
1. Figure 1 shows screen shot of Frhed view of target.abc
. Figure 1

2. Figure 2 shows screen shot of target.jpg file.
. Figure 2

3. Figure 3 shows screen shot of entire contents of the file properties dialog box. . Figure 3

Part II Lab Assessment Questions & Answers
1. What is the main purpose of a software tool like WinAudit in computer forensics? WinAudit is a GUI based tool that reports on a numerous aspects of running system, inclduign both volatile and non-volatile information, providing computer inventory and system configuration (Aquilina, J., & Casey, E., 2008). 2. Which item(s) generated by WinAudit would be of critical importance in a computer Forensic investigation? I will say that some of the most important items in a computer for a forensic investigation are: Drivers, running programs, installed programs, operating system, computer name, security setting and configurations, and firewall configurations. 3. Could you run WinAudit from a flash drive or any other external media? If so, why is this important during a computer forensic investigation? Yes, we can run WinAudit from a flash drive. Its important during a computer forensic investigation because it would prevent alter any important evidence. 4. Why would you use a tool like DevManView while performing a computer forensic investigation? I would use DevManView because it displays the properties of all devices running in a computer that is using my network. 5. Which item(s) available from DevManView would be of critical importance in a computer forensic investigation? The item available form DevManView that are important in a computer forensic investigation are mostly hardware, and most likely they are Hardrive and USB devices that its been use within the network. 6. What tool similar to DevManView is already present in Microsoft Windows systems? Another tool similar to DevManView that is used in Microsoft Windows systems is WinHEX 7. Why would someone use a Hex editor during a forensic investigation? A forensic investigator need Hex editor for analyzing file structures allowing him to go beyond the application or file, and it will allows for the viewing of all the data contained within a file including remnant of old file or even deleted files (Marcella, A., & Guillossou, F., 2012). 8. What “clue” in the Frhed examination of target.abc led you to the correct extension for that file? The “clue” that led me to correct the Frhed examination of target.abc was the Target.jpeg. 9. Describe the contents of the target.jpg file, and the application in which it opens. The content of the target.jpg file is a picture of a fingerprint, which let us to view the hexadecimal file as an image. The application in which it opens was Windows Photo Viewer. 10. Why do you need to keep evidence unaltered?

It’s important that we kept evidence unaltered for admissible purposes. If the evidence it’s altered it could become inadmissible in a court, changing the path and result of a digital forensic case.

Reference
Aquilina, J., & Casey, E. (2008). Malware Incident Response: Volatile Data Collection and Examination on a Live Windows System. In Malware forensics investigating and analyzing malicious code. Burlington, MA: Syngress Pub.

Marcella, A., & Guillossou, F. (2012). The Power of HEX. In Cyber forensics: From data to digital evidence. Hoboken, New Jersey: Wiley.

Cite This Document

Related Documents

  • unit 3 assignment 4

    ... Unit 3 Mica Shufflebotham Introduction to Marketing Assignment 4 Cadburys Dairy Milk chocolate- Information sheet 1 Customers and consumers A person that purchases for the product or service is a customer, whereas the consumer is the ultimate user of the product or service. A person can be both the customer and consumer. Thi...

    Read More
  • unit 2 assignment childcare level 3

    ...Whole resubmission D1 - Discuss the child’s needs in relation to the selected area of development. The three observations that I carried out shows that . . . Written Account The observations show that child A has not developed fully balance and coordination as he got unsteady on the tram-pet, we can help to improve this by putting in ...

    Read More
  • Mt435 Unit 3 Assignment

    ...be a disadvantage. Another disadvantage that I noticed is that all of their produces are made in house which affect their cost as well. When it comes to shipping they only have two means which is shipping (larger freight ships) and truck shipping. Although there profit margin may at times be less than 35% we also have to think if they operating ...

    Read More
  • pa110 unit 3 assignment

    ...Tanya Buckmaster PA101 Unit 3 Kaplan University December 2, 2014 IN THE UNITED STATES DISTRICT COURT FOR THE NORTHERN DISTRICT OF ILLINOIS JUSTIN WILLIAM KING, ) ) Plaintiff. ) ) ) v. ) ) ANHEUSER-BUSCH COMPANIES, INC. ) ) Defendant. ) ____________________________________) COMPLAINT ...

    Read More
  • Albatross Unit 3 Assignment

    ...depreciation, deterioration, spoilage, taxes and insurance to name a few. d) Cost of Finished Goods Sitting Idle in the Warehouse: For the international orders the inventory of finished goods stays in the inventory along with the raw materials since the production is only done in small batches. This ultimately increases the holding cost f...

    Read More
  • Unit 3 Task 3 Assignment

    ...Wendie Lunn Unit 3 Health and Safety and Security Task 3 Risk Assessments A risk assessment is something that will be written up before an outing, the assessment covers what the risks are, who can be put at risk, where the risk could take place, when the risk is most likely to happen and how the risks will harm the service users. A risk ass...

    Read More
  • Unit 3 Assignment

    ...Marcos Vazquez Unit 3 chapter 4 and chapter 5 case stud and, ended questions HS450 Professor Jaeckel Case Study 1 Tri-Star Health Insurance Company Discussion Questions 1. What should Fisher have done when he first decided to tackle this project? 2. What protocols should have been in place to avoid the present situation? 3. What posit...

    Read More
  • HA510 Unit 3 Assignment

    ...HA510-02 Organizational Development for Healthcare Unit Three (3) Assignment Kaplan University Instructor: Tracy Smith October 7, 2013 Revised: October 10, 2013 Unit 3: Planning – Tools and Techniques Page | 2 Report: Interview with Ronald G. Spaeth, FACHE, president Evanston Northwestern Healthcare Foundation The objective of this report...

    Read More

Discover the Best Free Essays on StudyMode

Conquer writer's block once and for all.

High Quality Essays

Our library contains thousands of carefully selected free research papers and essays.

Popular Topics

No matter the topic you're researching, chances are we have it covered.