Cloud Forensics: this presentation shows the current state of progress and the challenges that stand today in the world of cloud forensics. Based on lots of Google search and white papers by Josiah Dykstra and Alan Sherman. The presentation builds right from the basics and compares the conflicting requirements between traditional and cloud forensics.
Computer security threats & prevention: a proper introduction to computer security, threats and prevention, with references. Has information about threats and their prevention.
Cyber crime is an activity done using computers and the internet.
Cyber forensics is the science of collecting, examining, analyzing and reporting electronic evidence.
Email Recovery
Email recovery is needed when a user's email files become corrupt, deleted or unusable.
When an email client application finds that some of its email files are corrupt, it shows a corruption error to the user so that they can repair the files with a recovery solution and access them again after recovery.
About email recovery software:
Microsoft Outlook and Outlook Express store email, contacts, notes, journals, tasks and calendar.
Sometimes email messages get deleted, which causes panic. To retrieve these deleted emails, email recovery software is used.
Forensic science is a scientific method of gathering and examining information about the past which is then used in the court of law. Digital Forensics is the use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence derived from digital devices for the purpose of facilitation or furthering the reconstruction of events found to be criminal, or helping to anticipate unauthorized actions shown to be disruptive to planned operations.
Developing intelligent network forensic tools that focus on specific types of network traffic analysis is a challenge for the future.
Such tools would reduce time delays and computational resource requirements, minimize attacks, provide reliable and secure evidence, and allow efficient investigation with minimum effort.
Mobile forensics is a branch of digital forensics. Simply put, it is the science of recovering different kinds of evidence from mobile phones. It significantly helps investigators reach the criminal.
A more in-depth analysis of cyber forensics; but explained eloquently for the beginner, by Chaitanya Dhareshwar - Cyber Crime Investigator, Technocrat and Entrepreneur.
Learn what cyber forensics is all about and how you can begin using the basic tools of forensics in your day to day life. Not only does it make the world a safer place, your data remains significantly more secure.
Every step you take towards cyber security in this lawless internet allows you to achieve greater knowledge unhindered.
What is digital evidence? Sources of digital evidence, types of digital evidence, the procedure for collecting digital evidence, records, digital vs physical evidence, controlling contamination.
Forensics analysis and validation: determining what data to collect and analyze, validating forensic data, addressing data-hiding techniques, performing remote acquisitions. Network forensics: network forensics overview, performing live acquisitions, developing standard procedures for network forensics, using network tools, examining the honeynet project.
In this paper, we introduce a technique of digital forensics for the reconstruction of events or evidence after the commission of a crime through any digital device. It shows a clear distinction between Computer Forensics and Digital Forensics and gives a brief description of the classification of Digital Forensics. It also describes how the emergence of various digital forensic models helps digital forensic practitioners and examiners in doing digital forensics. Further, it discusses the merits and demerits of the required models and reviews every major model.
The word forensic indicates detective work: searching for and attempting to discover information. The search is mainly carried out to collect evidence for investigation, which is useful in criminal, civil or corporate investigations. Investigation is applicable in the presence of some legal rules.
As criminals are getting smarter in committing crime, that is, using data-hiding techniques such as encryption and steganography, forensic departments have become alert and have introduced a new concept called digital forensics, which handles sensitive and confidential data.
Proposed Workable Process Flow with Analysis Framework for Android Forensics ... - theijes
Nowadays, Android smartphones are becoming more popular, and Android is the greatest platform for mobile devices, with the capability to run millions of mobile phones in more than 200 countries. It may bring not only convenience for people but also crimes or security issues. Some people commit crimes using the technology and mobile devices. So Android forensics is very important and necessary in cyber-crime investigation. Without doubt, this proposed process flow and framework will support Android forensics in developing countries’ cyber-crime investigation, because it helps solve crimes with applicable guidelines and includes open source tools, Linux command-line utilities, Android Debug Bridge (ADB) commands, freeware tools and proposed tools. Although the forensics tools in this framework are non-commercial, they can cover and support the Android forensics process.
Comparative Analysis of Digital Forensic Extraction Tools - ijtsrd
Computer forensics is the process of collecting and examining information present in digital format for use as evidence in civil, criminal, or administrative proceedings. It is also a from data recovery, which involves the recovery of data from a system that has been erased by error or lost during a server crash. Tools are designed to extract evidence from the computer, and it is the role of the investigator to check whether the crime or policy violation has been committed by the suspect. Investigators use various kinds of tools based on the area or the kind of information which is lost, such as digital data, network compromise, cyber breach, web data, email and many more. Varun H M | Dr. Uma Rani Chellapandy | Srividya B G, "Comparative Analysis of Digital Forensic Extraction Tools", published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-1, December 2020. URL: https://www.ijtsrd.com/papers/ijtsrd37980.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/37980/comparative-analysis-of-digital-forensic-extraction-tools/varun-h-m
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution - IJERA Editor
Cloud Computing is a heavily evolving domain in technology. Many public and private entities are shifting their workstations to the cloud due to its robust, remote, virtual environment. Due to the enormity of this domain, it has become increasingly easier to carry out any sort of malicious attack on such cloud platforms. Very little research has been done to develop the theory and practice of cloud forensics. One of the main challenges is the inability to collect enough evidence from each and every subscriber of a Cloud Service Provider (CSP), and thus not being able to trace the roots of the malicious activity committed. In this paper we compare past research done in this field and address the gaps and loopholes in the frameworks previously suggested. Overcoming these, our system/framework facilitates the collection, organization, and thereby the analysis of the evidence sought, hence preserving the essential integrity of the sensitive and volatile data.
Enhancements in the world of digital forensics - IAESIJAI
Currently, the rapid advancement of computer systems and mobile phones has resulted in their utilization in unlawful acts. Ensuring adequate and effective security measures poses a difficult task due to the intricate nature of these devices, thereby exacerbating the challenges associated with investigating crimes involving them. Digital forensics, which involves investigating cyber crimes, plays a crucial role in this realm. Extensive research has been conducted in this field to aid forensic investigations in addressing contemporary obstacles. This paper aims to explore the progress made in the applications of digital forensics and security, encompassing various aspects, and provide insights into the evolution of digital forensics over the past five years.
Collecting and analyzing network-based evidence - CSITiaesprime
Since nearly the beginning of the Internet, malware has been a significant deterrent to productivity for end users, both personal and business related. Due to the pervasiveness of digital technologies in all aspects of human lives, it is increasingly unlikely that a digital device is involved as goal, medium or simply ‘witness’ of a criminal event. Forensic investigations include collection, recovery, analysis, and presentation of information stored on network devices and related to network crimes. These activities often involve wide range of analysis tools and application of different methods. This work presents methods that helps digital investigators to correlate and present information acquired from forensic data, with the aim to get a more valuable reconstructions of events or action to reach case conclusions. Main aim of network forensic is to gather evidence. Additionally, the evidence obtained during the investigation must be produced through a rigorous investigation procedure in a legal context.
How to Use Linux Forensic Analysis Tools for Digital Investigations.pdf - uzair
Linux provides a vast range of forensic analysis tools that can be used to conduct digital investigations. The use of these tools is crucial to ensure the integrity of the evidence collected and to maintain the chain of custody. Acquiring evidence, analyzing it, and reporting on the findings are the three main steps of a digital investigation. In this article, we have covered how to use Linux forensic analysis tools for each of these steps.
Linux forensic analysis tools provide a powerful and cost-effective solution for digital investigations. These tools are regularly updated to keep up with the latest technology and techniques. However, it is important to note that the use of these tools requires a high level of expertise and knowledge in digital forensics.
In summary, Linux forensic analysis tools are an essential part of digital investigations, and their use is becoming increasingly important as digital data continues to play a crucial role in legal proceedings. With the right expertise and knowledge, these tools can be used to acquire, analyze, and report on electronic evidence in a reliable and secure manner.
FAQs
What is a digital investigation? A digital investigation is the process of collecting, analyzing, and reporting on electronic data to uncover facts that can be used in legal proceedings.
What are Linux forensic analysis tools? Linux forensic analysis tools are a collection of software tools used to acquire, analyze, and report on electronic evidence in a digital investigation.
What are the benefits of using Linux forensic analysis tools? Linux forensic analysis tools provide a cost-effective and powerful solution for digital investigations. They are regularly updated to keep up with the latest technology and techniques.
Are Linux forensic analysis tools difficult to use? The use of Linux forensic analysis tools requires a high level of expertise and knowledge in digital forensics. However, with the right expertise, these tools can be used effectively to acquire, analyze, and report on electronic evidence.
Can Linux forensic analysis tools be used in legal proceedings? Yes, Linux forensic analysis tools can be used in legal proceedings to provide evidence in a case. However, it is important to ensure that the evidence collected is reliable, secure, and admissible in court.
Nowadays we are living in an era of Information Technology where each and every person has to become an IT incumbent, either intentionally or unintentionally. Technology has played a vital role in our day-to-day life for the last few decades, and we all depend on it in order to obtain maximum benefit and comfort. This new era, equipped with the latest advances in technology, is enlightening the world in the form of the Internet of Things (IoT). The Internet of Things is a domain that leads us to real-world scenarios where each object can perform some task while communicating with other objects: a world full of devices, sensors and other objects which will communicate and make human life far better and easier than ever. This paper provides an overview of current research work on IoT in terms of architecture, technologies used and applications. It also highlights the issues related to technologies used for IoT, following a literature review of research work. The main purpose of this survey is to present the latest technologies, their corresponding trends and details in the field of IoT in a systematic manner. It will be helpful for further research.
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS - ijfls
The increase in the deployment of IoT networks has improved productivity of humans and organisations.
However, IoT networks are increasingly becoming platforms for launching DDoS attacks due to inherent
weaker security and resource-constrained nature of IoT devices. This paper focusses on detecting DDoS
attack in IoT networks by classifying incoming network packets on the transport layer as either
“Suspicious” or “Benign” using unsupervised machine learning algorithms. In this work, two deep
learning algorithms and two clustering algorithms were independently trained for mitigating DDoS
attacks. We lay emphasis on exploitation based DDOS attacks which include TCP SYN-Flood attacks and
UDP-Lag attacks. We use Mirai, BASHLITE and CICDDoS2019 dataset in training the algorithms during
the experimentation phase. The accuracy score and normalized-mutual-information score are used to
quantify the classification performance of the four algorithms. Our results show that the autoencoder
performed overall best with the highest accuracy across all the datasets.
Security and Authentication of Internet of Things (IoT) Devices - SanjayKumarYadav58
The proposed scheme is an authentication and security model for IoT applications. It is based on protecting the network from intruders, decreasing the authentication complexity and increasing the communication efficiency of network devices. A signature-based authentication scheme is proposed for mutual authentication among users and devices in the network. The proposed scheme gives better output compared to existing solutions in terms of End-To-End (E2E), Throughput, and Packet Delivery ratio. The proposed scheme is implemented on Network Simulator (NS2).
Unit IV Knowledge and Hybrid Recommendation System.pdf - ArthyR3
This document details the knowledge based recommendation system and hybrid recommendation system. A knowledge and hybrid recommendation system combines the capabilities of knowledge-based and hybrid recommendation systems to provide personalized recommendations to users.
This tutorial provides an overview of content-based recommender systems, a type of recommendation system that suggests items based on the features of the items and a profile of the user's preferences. It covers the basic concepts, algorithms, and implementation steps involved in building a content-based recommender system.
This is a quick reference document that covers the concepts of Java programming: the basics of OOP, features of Java, basics of Java, Inheritance, Interface, Exception, Generic, Stream, Collection, Multithreading, Swing, etc.
This document helps to understand the basics of Express.js and related Node.js code. The document covers middleware concepts, routing in Node.js and session management in Node.js.
This material covers Authentication requirement, Authentication function, MAC, Hash function, Security of hash function and MAC, SHA, Digital signature and authentication protocols, DSS, Authentication protocols like Kerberos and X.509, entity authentication
This document is a guide to the basic topics of cryptography and network security. Detailed insight into classical encryption algorithms is given here, and the step-by-step process is clearly explained.
JAVA - A Quick Reference
A quick guide to learn more about JAVA Programming. This covers the core concepts of JAVA with OOP concepts. This also covers swing programming.
DEPARTMENT OF INFORMATION TECHNOLOGY
Subject Code: CS6004
Subject Name: Cyber Forensics
Class: IV IT / VIII
Subject In-Charge: Dr. P. Subathra, Prof./IT; R. Arthy, AP/IT
QUESTION BANK
UNIT IV
EVIDENCE COLLECTION AND FORENSICS TOOLS
Processing Crime and Incident Scenes – Working with Windows and DOS Systems. Current Computer Forensics Tools: Software/Hardware Tools.
Q. No | Question | Marks | Knowledge Level | Number of Times in AU
PART – A
Processing Crime and Incident Scenes
1 | Label any three types of field kit to be used in crime scene. [May 2017] | 2 | K1 | 1
2 | State the motivations for computer intrusion or theft of information in contemporary society. [Nov 2018] | 2 | K2 | 1
3 | How to identify the cyber crime? [May 2019] | 2 | K2 | 1
4 | Give examples for Computer crimes. | 2 | K1 | -
Working with Windows and DOS Systems
5 | When you delete an image/audio/video, do you really delete it? Is it possible to revert the deleted data? [May 2018] | 2 | K2 | 1
6 | List out some of the open-source encryption tools. | 2 | K1 | -
7 | Define FAT and VFAT. | 2 | K1 | -
8 | What is meant by Encrypting File System? | 2 | K1 | -
Current Computer Forensics Tools: Software/Hardware Tools
9 | Classify and compare hardware and software Forensic tools. [May 2017] | 2 | K2 | 1
10 | Define Master Boot Record (MBR). [Nov 2017] | 2 | K1 | 1
11 | What is Zoned Bit Recording (ZBR)? [Nov 2017] | 2 | K1 | 1
12 | What is a virtual machine? [May 2018] | 2 | K1 | 1
13 | Distinguish between Validation and discrimination. [Nov 2018] | 2 | K2 | 1
14 | List out any two forensics tools for evidence collection. [May 2019] | 2 | K1 | 1
15 | List out the disk drive components. | 2 | K1 | -
16 | Define track density. | 2 | K1 | -
17 | List out the properties handled at the drive's hardware. | 2 | K1 | -
18 | Write down the tasks for planning your investigation. | 2 | K1 | -
19 | Write down the tasks performed by computer forensics tools. | 2 | K1 | -
20 | What is meant by acquisition and list out its functions? | 2 | K1 | -
21 | Define write-blocker. | 2 | K1 | -
PART - B
Processing Crime and Incident Scenes
22 | Analyze how the following techniques are used: a) Processing data centers with RAID systems. (8) b) Documenting evidence in the lab. (4) c) Processing and handling digital evidence. (4) [Nov 2017] | 16 [13] | K2 | 1
23 | Explain briefly the RAID architecture and its types with the data acquisition structure. Also explain the data centers used in processing the RAID systems. [May 2017] | 16 [13] | K2 | 1
24 | Outline the process of preparing to acquire digital evidence, processing an incident or crime scene and processing data centers with RAID systems. [May 2018] | 16 [13] | K2 | 1
25 | Outline the seizing procedure for the digital evidence at the crime scene. [Nov 2018] | 13 | K2 | 1
26 | How to process the cyber crime and incident scenes? Explain it. [May 2019] | 13 | K2 | 1
Working with Windows and DOS Systems
27 | Explain in detail how understanding the NTFS, FAT and FAT32 file systems plays a crucial role in cyber forensics. [May 2017] | 16 [13] | K2 | 1
28 | Examine the MS-DOS startup tasks and other disk operating systems in detail. [Nov 2017] | 16 [13] | K2 | 1
29 | Explain the following: NTFS data streams, NTFS compressed files and NTFS encrypting file system. [May 2018] | 16 [13] | K2 | 1
30 | Illustrate with an example how to examine NTFS disks. [Nov 2018] | 13 | K2 | 1
Current Computer Forensics Tools: Software/Hardware Tools
31 | Demonstrate the use of computer forensic hardware and software tools used to solve the different types of forensics. [Nov 2018] | 13 | K2 | 1
PART - C
Working with Windows and DOS Systems
32 | You're using Disk Manager to view primary and extended partitions on a suspect's drive. The program reports the extended partition's total size as larger than the sum of the sizes of logical partitions in this extended partition. Justify the following terms when: i) The disk is corrupted. ii) There's a hidden partition. iii) Nothing; this is what you'd expect to see. iv) Password is unknown. [Nov 2018] | 15 | K3 | 1
Current Computer Forensics Tools: Software/Hardware Tools
33 | To interpret and validate the results of a forensics analysis, you should do which of the following: i) Calculate the hash value with two different tools. ii) Use a different tool to compare the results of evidence you find. iii) Repeat the steps used to obtain the digital evidence, using the same tool, and recalculate. iv) The hash value to verify the results. v) Do both i) and ii) vi) Do both ii) and iii) vii) Do both i) and iii) | 15 | K3 | 1
34 | Consider the situation: Employer files have been deleted, disks have been reformatted or other steps have been taken to conceal or destroy the evidence. How to recover the evidence using any forensics tool to safeguard the employee? [May 2019] | 15 | K3 | 1
35 | A patient with a heart ailment was transported to a hospital where an angiogram was performed. The patient later had a stent inserted into an artery along with a second angiogram, but died shortly thereafter. A third angiogram was performed immediately after the patient's death. Images of the angiogram procedures were purportedly stored on computer hard drives. The day following the patient's death, hospital staff were able to locate images for the first and third angiograms but could not find any images of the second procedure. The hospital and doctor were sued for medical malpractice and wrongful death. The plaintiffs also claimed the defendants had deliberately deleted the images of the second angiogram that allegedly proved the wrongful death claim. A CES team (CFST) was engaged by the doctor's insurance company to locate images of the second angiogram on the computer hard drive. Explain the possible actions that the CFST took to locate the images. [May 2019] | 15 | K3 | 1
Subject In – Charge Subject Matter Expert HoD/IT
DEPARTMENT OF INFORMATION TECHNOLOGY
Subject Code: CS6004
Subject Name: Cyber Forensics
Class: IV IT / VIII
Subject In-Charge: Dr. P. Subathra, Prof./IT; R. Arthy, AP/IT
QUESTION BANK
UNIT V
ANALYSIS AND VALIDATION
Validating Forensics Data – Data Hiding Techniques – Performing Remote Acquisition – Network Forensics – Email Investigations – Cell Phone and Mobile Devices Forensics
Q. No | Question | Marks | Knowledge Level | Number of Times in AU
PART – A
Validating Forensics Data
1 | List out the file systems in which FTK can perform forensic analysis. | 2 | K1 | -
2 | Define scope creep. | 2 | K1 | -
3 | What is meant by Known File Filters (KFF)? | 2 | K1 | -
4 | What is meant by auto image checksum verification? | 2 | K1 | -
Data Hiding Techniques
5 | Describe Bit Shifting with an example. [Nov 2017] | 2 | K2 | 1
6 | What is steganography? [May 2018] | 2 | K1 | 1
7 | Show various Steganalysis attack methods. [Nov 2018] | 2 | K1 | 1
8 | What is meant by key escrow? | 2 | K1 | -
9 | List out some of the password cracking tools. | 2 | K1 | -
10 | Define rainbow table. | 2 | K1 | -
11 | List out the three ways to recover passwords. | 2 | K1 | -
Performing Remote Acquisition
12 | How to perform the remote acquisition process? [May 2019] | 2 | K1 | 1
13 | What is meant by remote acquisition? | 2 | K1 | -
Network Forensics
14 | Name any three standard procedures used in Network Forensics. [May 2017] | 2 | K1 | 1
15 | Define order of volatility (OOV). [Nov 2018] | 2 | K1 | 1
16 | Write any one network forensics scenario. [May 2019] | 2 | K1 | 1
17 | Define network forensics. | 2 | K1 | -
18 | What is the use of network logs? | 2 | K1 | -
19 | Define layered network defense strategy. | 2 | K1 | -
20 | What is the purpose of the Tcpdump program? | 2 | K1 | -
21 | What is the usage of the Ethereal network analysis tool? | 2 | K1 | -
22 | Define Sysinternals and give examples. | 2 | K1 | -
23 | Define Knoppix security tools distribution (STD). | 2 | K1 | -
24 | Define phishing. | 2 | K1 | -
Email Investigations
25 | Decide the roles of Client and Servers in Email Investigations. [May 2017] | 2 | K1 | 1
26 | Mention the e-mail storage format available in Novell Evolution. [Nov 2017] | 2 | K1 | 1
27 | Give examples for e-mail forensics tools. [May 2018] | 2 | K1 | 1
28 | Give examples for e-mail server program. | 2 | K1 | -
29 | What is the significance of e-mail forensics tools? | 2 | K1 | -
30 | Define spoofing. | 2 | K1 | -
Cell Phone and Mobile Devices Forensics
31 | Write down the main components used for mobile communication. | 2 | K1 | -
32 | Define Orthogonal frequency division multiplexing. | 2 | K1 | -
33 | List out the technologies supported by 4G networks. | 2 | K1 | -
PART - B
Validating Forensics Data
34 | Discuss the procedure to validate the hexadecimal editors. [May 2017] | 8 | K2 | 1
35 | Explain in detail about the process of validating forensics data. | 13 | K2 | -
Data Hiding Techniques
36 | Briefly explain any one steganography algorithm to hide data in an image. [May 2017] (or) Write short notes on Data Hiding Techniques. [May 2019] | 8 | K2 | 2
37 | Explain data hiding techniques and how to apply the data hiding techniques in various applications. [Nov 2017, Nov 2018] | 8, 13 | K2 | 1
Network Forensics
38 | Elaborate about the network tools. | 13 | K2 | -
Email Investigations
39 | Examine and list the procedure to analyze the UNIX and Microsoft E-mail server logs. [May 2017] | 16 [13] | K2 | 1
40 | Describe in detail about specialized E-mail forensic tools. [Nov 2017] | 8 | K2 | 1
41 | Explain the steps involved in examining Microsoft e-mail server logs and explain it in detail. [Nov 2017, Nov 2018] | 8, 15 | K2 | 2
42 | Explain the process of investigating e-mail crimes and violation. [May 2018] | 16 [13] | K2 | 1
43 | Write a short note on Email Investigations. [May 2019] | 6 | K2 | 1
Cell Phone and Mobile Devices Forensics
44 | Elaborate about mobile device forensics. [Nov 2017] | 8 | K2 | 1
45 | Appraise the acquisition procedures for cell phones and mobile devices. [May 2018] | 16 [13] | K2 | 1
PART - C
E-Mail Investigation
46 | One of the Senior Service Managers working with the bank received an email message from one of his clients, who requested an immediate financial transaction to send 1.25 Cr for vendor payment. The received email carried exactly the client's original email address. The client, who holds a prestigious designation and runs several business organizations, used to send such emails frequently, so the bank officials started the procedure to send the amount to the concerned recipient, which proved fatal. The situation became worse when the client who had asked to send the amount as a vendor payment was found to be unknown. Help the forensic department to identify the victim. | 15 | K3 | -
Cell Phone and Mobile Devices Forensics
47 | A man has been arrested by the Crime Branch of Mumbai Police for allegedly sending threatening text messages to a Bollywood actress. The accused sent four messages to the actress, threatening to kill her children if she did not pay him, say sources. How to do mobile device forensics on this case? [May 2019] | 15 | K3 | 1
Subject In – Charge Subject Matter Expert HoD/IT