Reference no: EM131441718
Lab: Documenting a Workstation Configuration Using Common Forensic Tools
Learning Objectives - Upon completing this lab, you will be able to:
- Use a forensics tool to identify a computer system's configuration, hardware, and software.
- Use a forensics tool to identify device information and configuration details of a computer system.
- Use a hex editor to perform a byte-level examination of an unknown file type.
- Correctly identify and confirm the file type for a misnamed file.
- Create a forensics report of your findings from the computer audit.
Overview -
In this lab, you performed a forensic analysis of a Windows machine using three commonly available tools: WinAudit, DevManView, and Frhed. You reviewed the forensic capabilities of each tool, using the sample files provided, to determine any clandestine threats and vulnerabilities such as viruses or malicious software, if any. You also recovered a file that was altered to hide its native file format. You documented your findings in a forensics report.
Lab Assessment Questions & Answers
1. What is the main purpose of a software tool like WinAudit in computer forensics?
2. Which item(s) generated by WinAudit would be of critical importance in a computer forensic investigation?
3. Could you run WinAudit from a flash drive or any other external media? If so, why is this important during a computer forensic investigation?
4. Why would you use a tool like DevManView while performing a computer forensic investigation?
5. Which item(s) available from DevManView would be of critical importance in a computer forensic investigation?
6. What tool similar to DevManView is already present in Microsoft Windows systems?
7. Why would someone use a hex editor during a forensic investigation?
8. What "clue" in the Frhed examination of target.abc led you to the correct extension for that file?
9. Describe the contents of the target.jpg file and the application in which it opens.
10. Why do you need to keep evidence unaltered?
Assignment -
https://jblcourses.com/webapp/BLTI/MainFrame.aspx?hpath=https://jblcourses.com/Lab/kim_Lab13.html
|
What is forward rate calculation
: Forward Rate calculation. If someone you were working with argued that the current forward rate quoted on currency pair is the market's expectation of where the future spot rate will end up, what would you say?
|
|
List and explain the views of the creation day
: what 4 worlds does the vocalic world of interpretation include and explain. Drawing might help but will not be sufficient.
|
|
Primary and supporting elements
: Explain the CBP (primary and supporting elements). What are the “Order Winners” that will help provide a competitive advantage? List elements that will need to be addressed to get started (such as advertising, employee hiring and training, permits, e..
|
|
What is the price elasticity
: Please explain how you got the answer to this question! You have the following demand for a pack of cigarettes: Q=200- 0.30P with the average quantity of 3 packs and average price of $3.00 per pack. What is the price elasticity?
|
|
What is the main purpose of a software tool like winaudit
: In this lab, you performed a forensic analysis of a Windows machine using three commonly available tools: WinAudit, DevManView, and Frhed. What is the main purpose of a software tool like WinAudit in computer forensics
|
|
Calculate the present value of the dividend paid today
: The stock's current dividend is $1.00 per share, and dividends are expected to grow at a constant rate of 3.50% per year. The intrinsic value of a stock should equal the sum of the present value (PV) of all of the dividends that a stock is suppose..
|
|
Law relating to copyright infringement
: Is it wrong or illegal with making a copy of your favorite CD, so you can play one copy in your home and another copy in your car? Is it wrong or illegal about copying a CD of your favorite music onto a blank disk to give to your friend as a gift? Wh..
|
|
The monte carlo and the stimulation analysis
: The two stimulation models that are used often are the Monte Carlo and the stimulation analysis. What do you feel are the differences between the two?
|
|
Explain meaning of-operating-investing-financing activities
: Explain the meaning of the three categories of a statement of cash flows: operating, investing and financing activities. Give an example of an inflow and an outflow for each category.
|