SlideShare a Scribd company logo

Cs6004 cyber fofrensics_qb

loyola ICAM college of engineering and technology
loyola ICAM college of engineering and technology

This document provides a question bank for the course CS6004 Cyber Forensics. It includes questions in 5 units covering topics such as IPsec, SSL, digital signatures, firewalls, computer crimes, digital evidence collection, file systems, data hiding, and network/email forensics. The questions range from basic definitions and differentiations to longer explanations and analyses. The document aims to assess students' understanding of key concepts and techniques in cyber forensics.

1 of 6
Download to read offline
CS6004CYBER FORENSICS QUESTION BANK UNIT I PART A 1 Distinguish between HMAC and MAC. 2 List out the basic components of the IPsec architecture 3 Identify Security Associations with the help of three parameters. 4 Give some basic differences between encryption and decryption. 5 What do you know about Key Management for IPsec? 6 Classify Payload into different types. 7 Differentiate between SSL Protocol and TSL protocol. 8 Design ISKMP in terms of its header format. 9 Asses alternative operation of HMAC computation using MD5/SHA-1. 10 List the fields in AH Format. 11 List the elements involved in the session states. 12 Analyze the differences between SSL and IPsec. 13 Classify using some specifications of SSL related Alerts which are always fatal to be used. 14 Show how the TLS supports all of the error alerts defined in SLv3. 15 State Compression and Decompression using SSL Reco protocol. 16 Define a Pseudo-Random Function 17 Differentiate between SSL v3 and TLSMAC Schemes. 18 Decide when and under which circumstances “FINISHED MESSAGE” used? 19 Show in points the three services for SSL connections between Server and Client. 20 Develop the two ways for exchange of the premaster Secret PART B 1. Explain in detail about IPSec Protocol Documents. 2. Explain in detail about HMAC with its Structure and suitable example. 3. Illustrate briefly about the computation of HMAC using the following methods:- 1. (i)HMAC-MD5 computation using the RFC method. (ii)HMAC-SHA 1 computation using Alternative method. 4. Analyze how the Security Association is used in the following parameters:- (i)Security Policy Database (ii)Security Association Database (iii)Transport Mode SA (iv)Tunnel Mode SA 5. Illustrate about: IP Authentication Header i. (ii)AH Format (iii)AH Location 6. Give a brief account of IP ESP with some suitable diagrams. 7. Describe in detail about:- i. (i)Session and Connection State. (ii)SSL Record Protocol. 8. (i) Explainthe SSL Change Cipher Spec Protocol. (ii) Explain the SSL Alert Protocol. 9. Explain in detail about SSL Handshaking Protocol between a Server and Client Connection with an appropriate diagram. 10. Examine the Cryptographic Computations while using the following scenario:- i. Computing the Master Secret ii. Converting the Master Secret into Cryptographic Parameters
UNIT II PART A 1.Point out the Digital Signature Service Provided by PGP. 2.Differentiate between PGP and S/MIME 3.List the algorithms used in PGP 5.X. 4.What do you mean by „Inside Signature‟ in S/MIME? 5.How will you assess „Digital Envelope‟ in S/MIME? 6.Generalize the types of „Bastion Host‟ in Internet Firewall. 7.Classify different types of firewalls available in Forensics. 8.Define Virtual Private Network (VPN). 9.Classify various types of Proxies. 10. Tabulate any example of SMTP Packet rule sets. 11. Define Logging. 12. Discriminate between circuit-level gateway and application-level gateway. 13. Contrast choke point and audit log 14. Formulate the important features of Firewalls. 15. Demonstrate FTP Packet Filtering with an example. 16. Define SET for E-Commerce Transactions. 17. List the cryptographic principles used in SET. 18. Define Dual signature. 19. List some of the processes in merchant registration. 20. Pointout the business requirements for SET PART B 1.Explain in detail the basic concepts of a) Confidentiality via. Encryption b) Authentication via. Digital Signature. 2.Formulate the idea behind using the following terms: a) Compression b) Radix-64 Conversion with an example. 3.Explain in detail about :- a) Packet Header b) Packet Structure with suitable examples. 4.Illustrate briefly about the Electronic mail security mechanisms: a) Enhanced Security Services for S/MIME b) MIME 5.Explain in detail about :- a) Role of Firewalls. b) Firewall Related Terminology 6.Briefly explain the types of Firewalls with a neat diagram and examples 7.Write a short note on a) Firewall Designs b) Examining the Packet Filtering gateway and Application Level Gateway dissimilarities.
8.Explain briefly about the following security mechanisms:- a) Logging and Alarms , VPN b) DMZ and Choke Point c) Key material Packets in PGP 9.Explain in detail about S/MIME and the general syntax it uses to supportdifferent content types. 10. Explain in detail about :- a) Single-Homed Bastion Host b) Dual Homed Bastion Host c) Screened Subnet Firewall UNIT III PART A 1. Define Traditional Computer Crime. 2. What is meant by Identity theft? 3. What is „Identity Fraud‟? 4. Point out which CF Techniques are being used for Investigations. 5. Show what preparations are required for Incident Response Methodology? 6. Show the steps in Incident Response Methodology? 7. List some of the scopes of Foreign Investigations. 8. How will you specify the rules for computer Forensics in investigation? 9. Classify different types of Computer Forensics Technology? 10. What are the types of Computer Forensics Systems? 11. Decide the Criminal and civil proceedings which can be used as computer Forensics Evidence. 12. Define the term „HACKING‟ 13. How will you find out the Hidden Data in Forensics Technology? 14. What are the hierarchy involved in internet security forensic system? 15. How can the Hackers gain advantage in stealing essentials of investigation in forensics? 16. Express about why the evidence media be write Protected. 17. List the three items should be on an evidence custody form. 18. How will you plan the most critical aspects of computer Evidence? 19. Define RAID Data Acquisition. 20. Assess the disadvantages of using the WINDOWS XP/VISTA USB write-protection Registry Method? PART B 1. Examine the traditional Computer crimes associated with Cyber Forensics. 2. Explain in detail about Identity Theft and Identity Fraud and mention the points of differences between them. 3. Explain in detail about Incident Response Methodology and the six steps associated with it 4. Analyze briefly about the Forensic Duplication and Investigation 5. Examine in detail the roles of the following in detail:- i. Forensics Technology ii. Forensics Systems 6. Discuss in detail about the following:- i. Systematic Approach in Computer Investigations. ii. Conducting an Investigation in Computer Investigations. 7. Describe in detail about the following:- i. Understanding Data Recovery Workstations and software
ii. Preparing for a Computer Investigation. 8. Examine the following terms in detail:- i. Understanding Storage Formats for Digital Evidence ii. Using Acquisition Tools. 9. Describe in detail about the following terms in detail:- i. Validating Data Acquisition ii. Performing RAID Data Acquisitions 10. Demonstrate how to use Remote Network Acquisition Tools in cyber Forensics. UNIT IV PART A 1 Define the term “Digital Evidence”. 2 List the general tasks investigators perform while working with DigitalEvidence. 3 Pointout the three types of field kit to be used in a crime scene. 4 List the set of feature applicable to computer forensics practice. 5 Assess what materials you would collect to complete your analysis andprocessing of a scene? 6 Define the tasks of using a Technical advisor for forensic purposes. 7 How will you identify the use case requirements for forensic purposes? 8 List some of the general tasks you perform in any computerForensics. 9 Define Hashing algorithms commonly used for forensicpurposes. 10 Differentiate between Master Boot Record(MBR) and MasterFile Table(MFT). 11 How will you create “New Technology File System”? 12 Show the five major categories refining data analysis andrecovery functions in computer forensic tools. 13 Give the meaning of the term “Virtual Cluster Number”. 14 Express the meaning of the term “Zoned Bit Recording(ZBR)”. 15 Distinguish between Trusted Computing Group and Trusted Platform Module. 16 Classify Hardware Forensic Tools with Software Forensic Tools. 17 Show how the reconstruction tool is useful in forensics? 18 Pointout the tools used in validation and discrimination in Forensics. 19 Express the term „Computer Forensics Tool Testing‟? 20 How will you generalize the utility of National Software Reference Library? PART B 1 Illustrate how the processing of an incident will or a crime scene takes place inCyber forensics. 2 Explain in detail about how the understanding of File Systems plays aCrucial role in cyber forensics. 3 Explain in detail about the following :- i.Computer Forensics Software Tools ii.Computer Forensics Hardware Tools 4 Explain in detail about the following terms:- i.Disk Partitions ii.Master Boot Record iii.Examining FAT disks
5 Describe the following terms in detail:- i. Examining NTFS Disks ii. NTFS System Files iii. NTFS Compressed Files 6 Discuss in detail about the following terms with suitable examples:- i. NTFS Data Streams ii. NTFS Compressed Files iii. EFS Recovery Key Agent iv. Deleting NTFS Files 7 Describe about how the whole disk encryption is performed in Cyber forensics (16) 8 Formulate the idea behind using the following tools in forensics :- i. Exploring Windows Registry ii. Examining the Windows Registry 9 Examine the MS-DOS Startup Tasks and about other Disk Operating Systems in Detail. 10Describe about the following mechanisms :- i. Understanding File Systems ii. Whole Disk Encryption UNIT V PART A 1. Define how data discrimination is done by using Hash Values. 2. Give some legal and illegal purposes for usingSteganography? 3. Pointout whether password recovery is included in all theComputer Forensic Tools is used or not. Why? 4. Show the guidelines for identifying steganography files. 5. List the following general procedures usedfor most Computer Forensics Investigations. 6. Express the most critical aspects ofComputer Forensics. 7. Classify the Compression techniques used in Computer Forensics. 8. Define Bit Shifting with an example. 9. Pointout the Shareware Programs for Remote Acquisitions. 10. Define Network Forensics. 11. How will you generalize the three modes of Protection used? 12. Define any three standard procedures used in Network Forensics. 13. Examine whether all the e-mail headers contain the same type of information. 14. Decide the roles of Client and Servers in E-mail investigations. 15. Mention the e-mail storage format available in Novell Evolution. 16. How can the Router logs be used to verify the types of E-mail data? 17. Decide whether you need a search warrant to retrieve information from a systemserver. 18. Mention the four places where mobile device information might be used. 19. What are the SIMCon‟s features? 20. How will you isolate a mobile device from incoming signals?
PART B 1. Discuss how you will validate the forensic data using: i. Validating the hexadecimal Editors ii. Validating with Computer Forensics Programs 2. Examine in detail the techniques used for Addressing Data Hiding. 3. Describe Remote Acquisitions when used with i. Runtime Software ii. Preparing Disk Explorer and HDHOST iii. Remote Connection with Disk Explorer 4. Explain the following terms in detail:- i. Securing a Network ii. Performing Live Acquisitions 5. Briefly generalize the roles of the following term in investigations:- i. E-mail in investigations ii. E-mail in Client and Server 6. Explain briefly about the following terms in detail:- i. Examining E-mail Messages ii. Copying an E-mail Message iii. Viewing an E-mail Headers 7. Describe the following terms in detail:- i. Examining Additional Files ii. Tracing an E-mail Message iii. Using Network E-mail Logs iv. Examining E-mail Headers 8. Describe in detail about using specialized E-mail Forensics Tools 9. Describe in detail about Understanding E-mail Servers 10. Assess how mobile devices play a crucial role in forensics by : i. Basics of mobile Forensics ii. Inside Mobile Devices iii. Inside PDAs

Recommended

computer forensics
computer forensicscomputer forensics
computer forensics
Akhil Kumar
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes
Kranthi
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes
Kranthi
 
06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes
Kranthi
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1
Manu Mathew Cherian
 
Cyber Forensics Module 2
Cyber Forensics Module 2Cyber Forensics Module 2
Cyber Forensics Module 2
Manu Mathew Cherian
 
Intro to cyber forensics
Intro to cyber forensicsIntro to cyber forensics
Intro to cyber forensics
Chaitanya Dhareshwar
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
Oldsun
 

Recommended

computer forensics
computer forensicscomputer forensics
computer forensics
Akhil Kumar
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes
Kranthi
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes
Kranthi
 
06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes
Kranthi
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1
Manu Mathew Cherian
 
Cyber Forensics Module 2
Cyber Forensics Module 2Cyber Forensics Module 2
Cyber Forensics Module 2
Manu Mathew Cherian
 
Intro to cyber forensics
Intro to cyber forensicsIntro to cyber forensics
Intro to cyber forensics
Chaitanya Dhareshwar
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
Oldsun
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
Adriana Backman
 
Understanding computer investigation
Understanding computer investigationUnderstanding computer investigation
Understanding computer investigation
Online
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
yash sawarkar
 
Current Forensic Tools
Current Forensic Tools Current Forensic Tools
Current Forensic Tools
Jyothishmathi Institute of Technology and Science Karimnagar
 
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
ClubHack
 
Digital Forensics Workshop
Digital Forensics WorkshopDigital Forensics Workshop
Digital Forensics Workshop
Tim Fletcher
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
Shreya Singireddy
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensics
pranjal dutta
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
SCREAM138
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
Sarwar Hossain Rafsan
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
alrawes
 
Computer forensics and its role
Computer forensics and its roleComputer forensics and its role
Computer forensics and its role
Sudeshna Basak
 
computer forensics
computer forensics computer forensics
computer forensics
samantha jarrett
 
05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes
Kranthi
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensic
Novizul Evendi
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
vishnuv43
 
Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...
Sagar Rahurkar
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
Priya Manik
 
Cyber Crimes & Cyber Forensics
Cyber Crimes & Cyber ForensicsCyber Crimes & Cyber Forensics
Cyber Crimes & Cyber Forensics
jahanzebmunawar
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkit
Milap Oza
 
Compiler Questions
Compiler QuestionsCompiler Questions
Compiler Questions
Dr. C.V. Suresh Babu
 
Cs6660 compiler design may june 2016 Answer Key
Cs6660 compiler design may june 2016 Answer KeyCs6660 compiler design may june 2016 Answer Key
Cs6660 compiler design may june 2016 Answer Key
appasami
 

More Related Content

What's hot

Digital forensics
Digital forensics Digital forensics
Digital forensics
Adriana Backman
 
Understanding computer investigation
Understanding computer investigationUnderstanding computer investigation
Understanding computer investigation
Online
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
yash sawarkar
 
Current Forensic Tools
Current Forensic Tools Current Forensic Tools
Current Forensic Tools
Jyothishmathi Institute of Technology and Science Karimnagar
 
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
ClubHack
 
Digital Forensics Workshop
Digital Forensics WorkshopDigital Forensics Workshop
Digital Forensics Workshop
Tim Fletcher
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
Shreya Singireddy
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensics
pranjal dutta
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
SCREAM138
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
Sarwar Hossain Rafsan
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
alrawes
 
Computer forensics and its role
Computer forensics and its roleComputer forensics and its role
Computer forensics and its role
Sudeshna Basak
 
computer forensics
computer forensics computer forensics
computer forensics
samantha jarrett
 
05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes
Kranthi
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensic
Novizul Evendi
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
vishnuv43
 
Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...
Sagar Rahurkar
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
Priya Manik
 
Cyber Crimes & Cyber Forensics
Cyber Crimes & Cyber ForensicsCyber Crimes & Cyber Forensics
Cyber Crimes & Cyber Forensics
jahanzebmunawar
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkit
Milap Oza
 

What's hot (20)

Digital forensics
Digital forensics Digital forensics
Digital forensics
 
Understanding computer investigation
Understanding computer investigationUnderstanding computer investigation
Understanding computer investigation
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Current Forensic Tools
Current Forensic Tools Current Forensic Tools
Current Forensic Tools
 
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
Kush wadhwa _mining_digital_evidence_in_windows - ClubHack2009
 
Digital Forensics Workshop
Digital Forensics WorkshopDigital Forensics Workshop
Digital Forensics Workshop
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensics
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
Computer forensics and its role
Computer forensics and its roleComputer forensics and its role
Computer forensics and its role
 
computer forensics
computer forensics computer forensics
computer forensics
 
05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensic
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
 
Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...Digital Forensics best practices with the use of open source tools and admiss...
Digital Forensics best practices with the use of open source tools and admiss...
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
 
Cyber Crimes & Cyber Forensics
Cyber Crimes & Cyber ForensicsCyber Crimes & Cyber Forensics
Cyber Crimes & Cyber Forensics
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkit
 

Viewers also liked

Compiler Questions
Compiler QuestionsCompiler Questions
Compiler Questions
Dr. C.V. Suresh Babu
 
Cs6660 compiler design may june 2016 Answer Key
Cs6660 compiler design may june 2016 Answer KeyCs6660 compiler design may june 2016 Answer Key
Cs6660 compiler design may june 2016 Answer Key
appasami
 
Data Acquisition
Data AcquisitionData Acquisition
Data Acquisition
primeteacher32
 
Traditional problem associated with cyber crime
Traditional problem associated with cyber crimeTraditional problem associated with cyber crime
Traditional problem associated with cyber crime
vishalgohel12195
 
Cs6660 compiler design november december 2016 Answer key
Cs6660 compiler design november december 2016 Answer keyCs6660 compiler design november december 2016 Answer key
Cs6660 compiler design november december 2016 Answer key
appasami
 
Compiler design lab programs
Compiler design lab programs Compiler design lab programs
Compiler design lab programs
Guru Janbheshver University, Hisar
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensic
Online
 
Hard disk PPT
Hard disk PPTHard disk PPT
Hard disk PPT
George Ranson
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.ppt
Aeman Khan
 

Viewers also liked (9)

Compiler Questions
Compiler QuestionsCompiler Questions
Compiler Questions
 
Cs6660 compiler design may june 2016 Answer Key
Cs6660 compiler design may june 2016 Answer KeyCs6660 compiler design may june 2016 Answer Key
Cs6660 compiler design may june 2016 Answer Key
 
Data Acquisition
Data AcquisitionData Acquisition
Data Acquisition
 
Traditional problem associated with cyber crime
Traditional problem associated with cyber crimeTraditional problem associated with cyber crime
Traditional problem associated with cyber crime
 
Cs6660 compiler design november december 2016 Answer key
Cs6660 compiler design november december 2016 Answer keyCs6660 compiler design november december 2016 Answer key
Cs6660 compiler design november december 2016 Answer key
 
Compiler design lab programs
Compiler design lab programs Compiler design lab programs
Compiler design lab programs
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensic
 
Hard disk PPT
Hard disk PPTHard disk PPT
Hard disk PPT
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.ppt
 

Similar to Cs6004 cyber fofrensics_qb

Security solutions in vlsi design
Security solutions in vlsi designSecurity solutions in vlsi design
Security solutions in vlsi design
Raja pirian
 
Cs1355cns
Cs1355cnsCs1355cns
Cs1355cns
palaniyandiAnand
 
B.sc . i.t.-sem..-v-net-copy-may-2017
B.sc . i.t.-sem..-v-net-copy-may-2017B.sc . i.t.-sem..-v-net-copy-may-2017
B.sc . i.t.-sem..-v-net-copy-may-2017
YogeshDhamke2
 
Question bank cn2
Question bank cn2Question bank cn2
Question bank cn2
sangusajjan
 
Es 2 mark
Es 2 markEs 2 mark
Es 2 mark
erchandru
 
Unit 1 qb
Unit 1 qbUnit 1 qb
Unit 1 qb
rdanasegaran
 
Important 16 marks questions
Important 16 marks questionsImportant 16 marks questions
Important 16 marks questions
vaidheeswari
 
Review QuestionsChapter 2-31. Describe the physical structure.docx
Review QuestionsChapter 2-31. Describe the physical structure.docxReview QuestionsChapter 2-31. Describe the physical structure.docx
Review QuestionsChapter 2-31. Describe the physical structure.docx
healdkathaleen
 
Secure 3 kany-vanda
Secure 3 kany-vandaSecure 3 kany-vanda
Secure 3 kany-vanda
Vanda KANY
 
Cyber forensics question bank
Cyber forensics question bankCyber forensics question bank
Cyber forensics question bank
ArthyR3
 
Centralized monitoring station for it computing and network infrastructure1
Centralized monitoring station for it computing and network infrastructure1Centralized monitoring station for it computing and network infrastructure1
Centralized monitoring station for it computing and network infrastructure1
MOHD ARISH
 
Go3611771182
Go3611771182Go3611771182
Go3611771182
IJERA Editor
 
Design Package to Build and Evaluate Encryption Algorithms
Design Package to Build and Evaluate Encryption AlgorithmsDesign Package to Build and Evaluate Encryption Algorithms
Design Package to Build and Evaluate Encryption Algorithms
IOSRjournaljce
 
The EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systemsThe EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systems
Andrea Bissoli
 
It04 roshan basnet
It04 roshan basnetIt04 roshan basnet
It04 roshan basnet
rosu555
 
Pune University MCA [Management] 2020-Sample Questions
Pune University MCA [Management] 2020-Sample QuestionsPune University MCA [Management] 2020-Sample Questions
Pune University MCA [Management] 2020-Sample Questions
shailendrashinde9
 
Writing RPG Applications Using Cryptographic Services APIs
Writing RPG Applications Using Cryptographic Services APIsWriting RPG Applications Using Cryptographic Services APIs
Writing RPG Applications Using Cryptographic Services APIs
Carsten Flensburg
 
R09 information security – ii
R09 information security – iiR09 information security – ii
R09 information security – ii
అనిల్ జూలూరి
 
1. The sale of sensitive or confidential company information to a .docx
1. The sale of sensitive or confidential company information to a .docx1. The sale of sensitive or confidential company information to a .docx
1. The sale of sensitive or confidential company information to a .docx
ambersalomon88660
 
BSA 385 Week 3 Individual Assignment Essay
BSA 385 Week 3 Individual Assignment EssayBSA 385 Week 3 Individual Assignment Essay
BSA 385 Week 3 Individual Assignment Essay
Tara Smith
 

Similar to Cs6004 cyber fofrensics_qb (20)

Security solutions in vlsi design
Security solutions in vlsi designSecurity solutions in vlsi design
Security solutions in vlsi design
 
Cs1355cns
Cs1355cnsCs1355cns
Cs1355cns
 
B.sc . i.t.-sem..-v-net-copy-may-2017
B.sc . i.t.-sem..-v-net-copy-may-2017B.sc . i.t.-sem..-v-net-copy-may-2017
B.sc . i.t.-sem..-v-net-copy-may-2017
 
Question bank cn2
Question bank cn2Question bank cn2
Question bank cn2
 
Es 2 mark
Es 2 markEs 2 mark
Es 2 mark
 
Unit 1 qb
Unit 1 qbUnit 1 qb
Unit 1 qb
 
Important 16 marks questions
Important 16 marks questionsImportant 16 marks questions
Important 16 marks questions
 
Review QuestionsChapter 2-31. Describe the physical structure.docx
Review QuestionsChapter 2-31. Describe the physical structure.docxReview QuestionsChapter 2-31. Describe the physical structure.docx
Review QuestionsChapter 2-31. Describe the physical structure.docx
 
Secure 3 kany-vanda
Secure 3 kany-vandaSecure 3 kany-vanda
Secure 3 kany-vanda
 
Cyber forensics question bank
Cyber forensics question bankCyber forensics question bank
Cyber forensics question bank
 
Centralized monitoring station for it computing and network infrastructure1
Centralized monitoring station for it computing and network infrastructure1Centralized monitoring station for it computing and network infrastructure1
Centralized monitoring station for it computing and network infrastructure1
 
Go3611771182
Go3611771182Go3611771182
Go3611771182
 
Design Package to Build and Evaluate Encryption Algorithms
Design Package to Build and Evaluate Encryption AlgorithmsDesign Package to Build and Evaluate Encryption Algorithms
Design Package to Build and Evaluate Encryption Algorithms
 
The EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systemsThe EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systems
 
It04 roshan basnet
It04 roshan basnetIt04 roshan basnet
It04 roshan basnet
 
Pune University MCA [Management] 2020-Sample Questions
Pune University MCA [Management] 2020-Sample QuestionsPune University MCA [Management] 2020-Sample Questions
Pune University MCA [Management] 2020-Sample Questions
 
Writing RPG Applications Using Cryptographic Services APIs
Writing RPG Applications Using Cryptographic Services APIsWriting RPG Applications Using Cryptographic Services APIs
Writing RPG Applications Using Cryptographic Services APIs
 
R09 information security – ii
R09 information security – iiR09 information security – ii
R09 information security – ii
 
1. The sale of sensitive or confidential company information to a .docx
1. The sale of sensitive or confidential company information to a .docx1. The sale of sensitive or confidential company information to a .docx
1. The sale of sensitive or confidential company information to a .docx
 
BSA 385 Week 3 Individual Assignment Essay
BSA 385 Week 3 Individual Assignment EssayBSA 385 Week 3 Individual Assignment Essay
BSA 385 Week 3 Individual Assignment Essay
 

Recently uploaded

哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
insn4465
 
ISPM 15 Heat Treated Wood Stamps and why your shipping must have one
ISPM 15 Heat Treated Wood Stamps and why your shipping must have oneISPM 15 Heat Treated Wood Stamps and why your shipping must have one
ISPM 15 Heat Treated Wood Stamps and why your shipping must have one
Las Vegas Warehouse
 
Recycled Concrete Aggregate in Construction Part II
Recycled Concrete Aggregate in Construction Part IIRecycled Concrete Aggregate in Construction Part II
Recycled Concrete Aggregate in Construction Part II
Aditya Rajan Patra
 
Question paper of renewable energy sources
Question paper of renewable energy sourcesQuestion paper of renewable energy sources
Question paper of renewable energy sources
mahammadsalmanmech
 
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMSA SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
IJNSA Journal
 
Heat Resistant Concrete Presentation ppt
Heat Resistant Concrete Presentation pptHeat Resistant Concrete Presentation ppt
Heat Resistant Concrete Presentation ppt
mamunhossenbd75
 
Engine Lubrication performance System.pdf
Engine Lubrication performance System.pdfEngine Lubrication performance System.pdf
Engine Lubrication performance System.pdf
mamamaam477
 
学校原版美国波士顿大学毕业证学历学位证书原版一模一样
学校原版美国波士顿大学毕业证学历学位证书原版一模一样学校原版美国波士顿大学毕业证学历学位证书原版一模一样
学校原版美国波士顿大学毕业证学历学位证书原版一模一样
171ticu
 
Engineering Drawings Lecture Detail Drawings 2014.pdf
Engineering Drawings Lecture Detail Drawings 2014.pdfEngineering Drawings Lecture Detail Drawings 2014.pdf
Engineering Drawings Lecture Detail Drawings 2014.pdf
abbyasa1014
 
Literature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptxLiterature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptx
Dr Ramhari Poudyal
 
Generative AI leverages algorithms to create various forms of content
Generative AI leverages algorithms to create various forms of contentGenerative AI leverages algorithms to create various forms of content
Generative AI leverages algorithms to create various forms of content
Hitesh Mohapatra
 
Textile Chemical Processing and Dyeing.pdf
Textile Chemical Processing and Dyeing.pdfTextile Chemical Processing and Dyeing.pdf
Textile Chemical Processing and Dyeing.pdf
NazakatAliKhoso2
 
Recycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part IIIRecycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part III
Aditya Rajan Patra
 
The Python for beginners. This is an advance computer language.
The Python for beginners. This is an advance computer language.The Python for beginners. This is an advance computer language.
The Python for beginners. This is an advance computer language.
sachin chaurasia
 
Casting-Defect-inSlab continuous casting.pdf
Casting-Defect-inSlab continuous casting.pdfCasting-Defect-inSlab continuous casting.pdf
Casting-Defect-inSlab continuous casting.pdf
zubairahmad848137
 
New techniques for characterising damage in rock slopes.pdf
New techniques for characterising damage in rock slopes.pdfNew techniques for characterising damage in rock slopes.pdf
New techniques for characterising damage in rock slopes.pdf
wisnuprabawa3
 
22CYT12-Unit-V-E Waste and its Management.ppt
22CYT12-Unit-V-E Waste and its Management.ppt22CYT12-Unit-V-E Waste and its Management.ppt
22CYT12-Unit-V-E Waste and its Management.ppt
KrishnaveniKrishnara1
 
spirit beverages ppt without graphics.pptx
spirit beverages ppt without graphics.pptxspirit beverages ppt without graphics.pptx
spirit beverages ppt without graphics.pptx
Madan Karki
 
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELDEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
gerogepatton
 
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEMTIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
HODECEDSIET
 

Recently uploaded (20)

哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
 
ISPM 15 Heat Treated Wood Stamps and why your shipping must have one
ISPM 15 Heat Treated Wood Stamps and why your shipping must have oneISPM 15 Heat Treated Wood Stamps and why your shipping must have one
ISPM 15 Heat Treated Wood Stamps and why your shipping must have one
 
Recycled Concrete Aggregate in Construction Part II
Recycled Concrete Aggregate in Construction Part IIRecycled Concrete Aggregate in Construction Part II
Recycled Concrete Aggregate in Construction Part II
 
Question paper of renewable energy sources
Question paper of renewable energy sourcesQuestion paper of renewable energy sources
Question paper of renewable energy sources
 
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMSA SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
 
Heat Resistant Concrete Presentation ppt
Heat Resistant Concrete Presentation pptHeat Resistant Concrete Presentation ppt
Heat Resistant Concrete Presentation ppt
 
Engine Lubrication performance System.pdf
Engine Lubrication performance System.pdfEngine Lubrication performance System.pdf
Engine Lubrication performance System.pdf
 
学校原版美国波士顿大学毕业证学历学位证书原版一模一样
学校原版美国波士顿大学毕业证学历学位证书原版一模一样学校原版美国波士顿大学毕业证学历学位证书原版一模一样
学校原版美国波士顿大学毕业证学历学位证书原版一模一样
 
Engineering Drawings Lecture Detail Drawings 2014.pdf
Engineering Drawings Lecture Detail Drawings 2014.pdfEngineering Drawings Lecture Detail Drawings 2014.pdf
Engineering Drawings Lecture Detail Drawings 2014.pdf
 
Literature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptxLiterature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptx
 
Generative AI leverages algorithms to create various forms of content
Generative AI leverages algorithms to create various forms of contentGenerative AI leverages algorithms to create various forms of content
Generative AI leverages algorithms to create various forms of content
 
Textile Chemical Processing and Dyeing.pdf
Textile Chemical Processing and Dyeing.pdfTextile Chemical Processing and Dyeing.pdf
Textile Chemical Processing and Dyeing.pdf
 
Recycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part IIIRecycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part III
 
The Python for beginners. This is an advance computer language.
The Python for beginners. This is an advance computer language.The Python for beginners. This is an advance computer language.
The Python for beginners. This is an advance computer language.
 
Casting-Defect-inSlab continuous casting.pdf
Casting-Defect-inSlab continuous casting.pdfCasting-Defect-inSlab continuous casting.pdf
Casting-Defect-inSlab continuous casting.pdf
 
New techniques for characterising damage in rock slopes.pdf
New techniques for characterising damage in rock slopes.pdfNew techniques for characterising damage in rock slopes.pdf
New techniques for characterising damage in rock slopes.pdf
 
22CYT12-Unit-V-E Waste and its Management.ppt
22CYT12-Unit-V-E Waste and its Management.ppt22CYT12-Unit-V-E Waste and its Management.ppt
22CYT12-Unit-V-E Waste and its Management.ppt
 
spirit beverages ppt without graphics.pptx
spirit beverages ppt without graphics.pptxspirit beverages ppt without graphics.pptx
spirit beverages ppt without graphics.pptx
 
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELDEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
 
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEMTIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
 

Cs6004 cyber fofrensics_qb

  • 1. CS6004CYBER FORENSICS QUESTION BANK UNIT I PART A 1 Distinguish between HMAC and MAC. 2 List out the basic components of the IPsec architecture 3 Identify Security Associations with the help of three parameters. 4 Give some basic differences between encryption and decryption. 5 What do you know about Key Management for IPsec? 6 Classify Payload into different types. 7 Differentiate between SSL Protocol and TSL protocol. 8 Design ISKMP in terms of its header format. 9 Asses alternative operation of HMAC computation using MD5/SHA-1. 10 List the fields in AH Format. 11 List the elements involved in the session states. 12 Analyze the differences between SSL and IPsec. 13 Classify using some specifications of SSL related Alerts which are always fatal to be used. 14 Show how the TLS supports all of the error alerts defined in SLv3. 15 State Compression and Decompression using SSL Reco protocol. 16 Define a Pseudo-Random Function 17 Differentiate between SSL v3 and TLSMAC Schemes. 18 Decide when and under which circumstances “FINISHED MESSAGE” used? 19 Show in points the three services for SSL connections between Server and Client. 20 Develop the two ways for exchange of the premaster Secret PART B 1. Explain in detail about IPSec Protocol Documents. 2. Explain in detail about HMAC with its Structure and suitable example. 3. Illustrate briefly about the computation of HMAC using the following methods:- 1. (i)HMAC-MD5 computation using the RFC method. (ii)HMAC-SHA 1 computation using Alternative method. 4. Analyze how the Security Association is used in the following parameters:- (i)Security Policy Database (ii)Security Association Database (iii)Transport Mode SA (iv)Tunnel Mode SA 5. Illustrate about: IP Authentication Header i. (ii)AH Format (iii)AH Location 6. Give a brief account of IP ESP with some suitable diagrams. 7. Describe in detail about:- i. (i)Session and Connection State. (ii)SSL Record Protocol. 8. (i) Explainthe SSL Change Cipher Spec Protocol. (ii) Explain the SSL Alert Protocol. 9. Explain in detail about SSL Handshaking Protocol between a Server and Client Connection with an appropriate diagram. 10. Examine the Cryptographic Computations while using the following scenario:- i. Computing the Master Secret ii. Converting the Master Secret into Cryptographic Parameters
  • 2. UNIT II PART A 1.Point out the Digital Signature Service Provided by PGP. 2.Differentiate between PGP and S/MIME 3.List the algorithms used in PGP 5.X. 4.What do you mean by „Inside Signature‟ in S/MIME? 5.How will you assess „Digital Envelope‟ in S/MIME? 6.Generalize the types of „Bastion Host‟ in Internet Firewall. 7.Classify different types of firewalls available in Forensics. 8.Define Virtual Private Network (VPN). 9.Classify various types of Proxies. 10. Tabulate any example of SMTP Packet rule sets. 11. Define Logging. 12. Discriminate between circuit-level gateway and application-level gateway. 13. Contrast choke point and audit log 14. Formulate the important features of Firewalls. 15. Demonstrate FTP Packet Filtering with an example. 16. Define SET for E-Commerce Transactions. 17. List the cryptographic principles used in SET. 18. Define Dual signature. 19. List some of the processes in merchant registration. 20. Pointout the business requirements for SET PART B 1.Explain in detail the basic concepts of a) Confidentiality via. Encryption b) Authentication via. Digital Signature. 2.Formulate the idea behind using the following terms: a) Compression b) Radix-64 Conversion with an example. 3.Explain in detail about :- a) Packet Header b) Packet Structure with suitable examples. 4.Illustrate briefly about the Electronic mail security mechanisms: a) Enhanced Security Services for S/MIME b) MIME 5.Explain in detail about :- a) Role of Firewalls. b) Firewall Related Terminology 6.Briefly explain the types of Firewalls with a neat diagram and examples 7.Write a short note on a) Firewall Designs b) Examining the Packet Filtering gateway and Application Level Gateway dissimilarities.
  • 3. 8.Explain briefly about the following security mechanisms:- a) Logging and Alarms , VPN b) DMZ and Choke Point c) Key material Packets in PGP 9.Explain in detail about S/MIME and the general syntax it uses to supportdifferent content types. 10. Explain in detail about :- a) Single-Homed Bastion Host b) Dual Homed Bastion Host c) Screened Subnet Firewall UNIT III PART A 1. Define Traditional Computer Crime. 2. What is meant by Identity theft? 3. What is „Identity Fraud‟? 4. Point out which CF Techniques are being used for Investigations. 5. Show what preparations are required for Incident Response Methodology? 6. Show the steps in Incident Response Methodology? 7. List some of the scopes of Foreign Investigations. 8. How will you specify the rules for computer Forensics in investigation? 9. Classify different types of Computer Forensics Technology? 10. What are the types of Computer Forensics Systems? 11. Decide the Criminal and civil proceedings which can be used as computer Forensics Evidence. 12. Define the term „HACKING‟ 13. How will you find out the Hidden Data in Forensics Technology? 14. What are the hierarchy involved in internet security forensic system? 15. How can the Hackers gain advantage in stealing essentials of investigation in forensics? 16. Express about why the evidence media be write Protected. 17. List the three items should be on an evidence custody form. 18. How will you plan the most critical aspects of computer Evidence? 19. Define RAID Data Acquisition. 20. Assess the disadvantages of using the WINDOWS XP/VISTA USB write-protection Registry Method? PART B 1. Examine the traditional Computer crimes associated with Cyber Forensics. 2. Explain in detail about Identity Theft and Identity Fraud and mention the points of differences between them. 3. Explain in detail about Incident Response Methodology and the six steps associated with it 4. Analyze briefly about the Forensic Duplication and Investigation 5. Examine in detail the roles of the following in detail:- i. Forensics Technology ii. Forensics Systems 6. Discuss in detail about the following:- i. Systematic Approach in Computer Investigations. ii. Conducting an Investigation in Computer Investigations. 7. Describe in detail about the following:- i. Understanding Data Recovery Workstations and software
  • 4. ii. Preparing for a Computer Investigation. 8. Examine the following terms in detail:- i. Understanding Storage Formats for Digital Evidence ii. Using Acquisition Tools. 9. Describe in detail about the following terms in detail:- i. Validating Data Acquisition ii. Performing RAID Data Acquisitions 10. Demonstrate how to use Remote Network Acquisition Tools in cyber Forensics. UNIT IV PART A 1 Define the term “Digital Evidence”. 2 List the general tasks investigators perform while working with DigitalEvidence. 3 Pointout the three types of field kit to be used in a crime scene. 4 List the set of feature applicable to computer forensics practice. 5 Assess what materials you would collect to complete your analysis andprocessing of a scene? 6 Define the tasks of using a Technical advisor for forensic purposes. 7 How will you identify the use case requirements for forensic purposes? 8 List some of the general tasks you perform in any computerForensics. 9 Define Hashing algorithms commonly used for forensicpurposes. 10 Differentiate between Master Boot Record(MBR) and MasterFile Table(MFT). 11 How will you create “New Technology File System”? 12 Show the five major categories refining data analysis andrecovery functions in computer forensic tools. 13 Give the meaning of the term “Virtual Cluster Number”. 14 Express the meaning of the term “Zoned Bit Recording(ZBR)”. 15 Distinguish between Trusted Computing Group and Trusted Platform Module. 16 Classify Hardware Forensic Tools with Software Forensic Tools. 17 Show how the reconstruction tool is useful in forensics? 18 Pointout the tools used in validation and discrimination in Forensics. 19 Express the term „Computer Forensics Tool Testing‟? 20 How will you generalize the utility of National Software Reference Library? PART B 1 Illustrate how the processing of an incident will or a crime scene takes place inCyber forensics. 2 Explain in detail about how the understanding of File Systems plays aCrucial role in cyber forensics. 3 Explain in detail about the following :- i.Computer Forensics Software Tools ii.Computer Forensics Hardware Tools 4 Explain in detail about the following terms:- i.Disk Partitions ii.Master Boot Record iii.Examining FAT disks
  • 5. 5 Describe the following terms in detail:- i. Examining NTFS Disks ii. NTFS System Files iii. NTFS Compressed Files 6 Discuss in detail about the following terms with suitable examples:- i. NTFS Data Streams ii. NTFS Compressed Files iii. EFS Recovery Key Agent iv. Deleting NTFS Files 7 Describe about how the whole disk encryption is performed in Cyber forensics (16) 8 Formulate the idea behind using the following tools in forensics :- i. Exploring Windows Registry ii. Examining the Windows Registry 9 Examine the MS-DOS Startup Tasks and about other Disk Operating Systems in Detail. 10Describe about the following mechanisms :- i. Understanding File Systems ii. Whole Disk Encryption UNIT V PART A 1. Define how data discrimination is done by using Hash Values. 2. Give some legal and illegal purposes for usingSteganography? 3. Pointout whether password recovery is included in all theComputer Forensic Tools is used or not. Why? 4. Show the guidelines for identifying steganography files. 5. List the following general procedures usedfor most Computer Forensics Investigations. 6. Express the most critical aspects ofComputer Forensics. 7. Classify the Compression techniques used in Computer Forensics. 8. Define Bit Shifting with an example. 9. Pointout the Shareware Programs for Remote Acquisitions. 10. Define Network Forensics. 11. How will you generalize the three modes of Protection used? 12. Define any three standard procedures used in Network Forensics. 13. Examine whether all the e-mail headers contain the same type of information. 14. Decide the roles of Client and Servers in E-mail investigations. 15. Mention the e-mail storage format available in Novell Evolution. 16. How can the Router logs be used to verify the types of E-mail data? 17. Decide whether you need a search warrant to retrieve information from a systemserver. 18. Mention the four places where mobile device information might be used. 19. What are the SIMCon‟s features? 20. How will you isolate a mobile device from incoming signals?
  • 6. PART B 1. Discuss how you will validate the forensic data using: i. Validating the hexadecimal Editors ii. Validating with Computer Forensics Programs 2. Examine in detail the techniques used for Addressing Data Hiding. 3. Describe Remote Acquisitions when used with i. Runtime Software ii. Preparing Disk Explorer and HDHOST iii. Remote Connection with Disk Explorer 4. Explain the following terms in detail:- i. Securing a Network ii. Performing Live Acquisitions 5. Briefly generalize the roles of the following term in investigations:- i. E-mail in investigations ii. E-mail in Client and Server 6. Explain briefly about the following terms in detail:- i. Examining E-mail Messages ii. Copying an E-mail Message iii. Viewing an E-mail Headers 7. Describe the following terms in detail:- i. Examining Additional Files ii. Tracing an E-mail Message iii. Using Network E-mail Logs iv. Examining E-mail Headers 8. Describe in detail about using specialized E-mail Forensics Tools 9. Describe in detail about Understanding E-mail Servers 10. Assess how mobile devices play a crucial role in forensics by : i. Basics of mobile Forensics ii. Inside Mobile Devices iii. Inside PDAs