Sunday, May 19, 2019
Quiz Computer Forensic & Investigation Essay
Hanley Strappman, 37, was trying to learn well-nigh the Com giveer and Digital Forensics program at Champlain College. He was able to obtain some tears, which he put on a diskette disk. To disguise his espionage, he decided to smuggle the floppy back stem after altering the files so that they couldnt be read using the ordinary DOS/Windows file manager.His deception was discovered, however, and the floppy has been recovered. Some of your counterparts have already tried to examine the disk to no avail. Upon discussions with Hanley, he has boasted that there ar three files on the disk but that Youll never know what I got You are being provided with a forensically true and accurate copy of Hanleys floppy disk. You are asked to examine the floppy disk and provide answers to a few questions about the integrity of the data that was recovered (in terms of maintaining the evidential chain), the recovery of certain information, and any actions that the suspect may have taken to intentional ly delete, hide and/or alter data on the floppy disk. Good LuckUsing the software tools provided to you in class, analyze the disk and conduct a full analysis of any artifacts found on the media. The following questions mustiness be completed in the time allottedThe Questions 1. What is the establish and address of the person to whom Hanley wrote a garner?Dr. John Watson 8295 Martha Lane Los Alamitos, CA 907202. Who is in the picture that Hanley obtained?Lewis Carroll, Edith, Lorina and Alice Lidell3. What is the information that Hanley supplied in a password-protected form?A file named curriculum in Microsoft Excel format.4. What are the names of the files on the floppy? Each was undercover or obscured in a different way indicate how you found the files and how you recovered the information.The file name is cc_stuff.exe Change the format to the .zip format and enter the password to get the information5. Where did you find the password?By using PRTK software, inside the evidenc e image at the pwd
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment