
5. As a digital forensics analyst, you are invited to participate in a raid wher


Question

5. As a digital forensics analyst, you are invited to participate in a raid where computers are suspected as being used in a criminal enterprise. When the raid is conducted, the computers are being used by potential suspects, so they are on and operating. Once the police have the potential suspects under control, you have to decide what evidence to collect.

a. Outline for me all of the procedures that you would take to ensure that the maximum amount of evidence is obtained from the computers on the premises. Be thorough and make sure you think of anything that might help in your investigation.

b. What tools would be helpful in your activities?

Explanation / Answer

Answer:

(A) So for the given scenario, computers are suspected of being used in a criminal enterprise, and at the time of the raid the computers were on and operating.

So for this, as a digital forensics analyst, the following things can be done to get more and more evidence from the computers on the premises.

Firstly, we will run a tool which will analyze all the files which were opened in the last 4-5 hours, meaning the applications which were using the RAM and resources of the computer. By this we will get to know what exactly the attacker was trying to do.

After that, we will extract all the zip files and other files which are present in the system. By this, we get to know the files available in the system, i.e. the data. After that, with the help of The Coroner's Toolkit, we will check whether there are any files which have been deleted, i.e. disaster and data recovery. It can be done with the help of this tool.

After that, we will use another very popular tool, Mandiant Redline, which will analyze files and memory. As the computer is on and running, this tool will analyze all the running processes, hosts, drivers, internet history and everything else which is up and running on the computer. This can really help in finding evidence about the criminal activities which are being done with the computer.

(B) These are the following tools which are most used in getting evidence in the following scenario.

Hope this helps....

Good Luck....!!
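As an added illustration of the first step in the answer above (finding files opened in the last 4-5 hours), and not part of the original answer or the code of any tool it names, this Python example builds a triage manifest of recently accessed or modified files. The names `recent_files`, `WINDOW_HOURS` and `demo`, and the sample tree, are assumptions constructed for the example.

```python
import hashlib
import os
import stat
import tempfile
import time

WINDOW_HOURS = 5  # assumption: upper end of the answer's "last 4-5 hours"

def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large evidence files do not exhaust memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def recent_files(root, hours=WINDOW_HOURS, now=None):
    """List regular files under root accessed or modified inside the window."""
    now = time.time() if now is None else now
    cutoff = now - hours * 3600
    rows = []
    for dirpath, _dirs, names in os.walk(root):  # does not follow symlinked dirs
        for name in sorted(names):
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # capture timestamps before any read
                if not stat.S_ISREG(st.st_mode) or max(st.st_atime, st.st_mtime) < cutoff:
                    continue
                digest = sha256_file(path)  # reading content may update atime
            except OSError as exc:  # locked or vanished file: record it, keep going
                rows.append({"path": path, "error": str(exc)})
                continue
            rows.append({"path": path, "atime": st.st_atime, "mtime": st.st_mtime,
                         "size": st.st_size, "sha256": digest})
    return rows

def demo():
    """Constructed sample tree: one file touched now, one last touched 10 hours ago."""
    root = tempfile.mkdtemp(prefix="triage_demo_")
    with open(os.path.join(root, "recent.txt"), "wb") as f:
        f.write(b"abc")
    old = os.path.join(root, "old.txt")
    with open(old, "wb") as f:
        f.write(b"stale")
    ten_hours_ago = time.time() - 10 * 3600
    os.utime(old, (ten_hours_ago, ten_hours_ago))
    return recent_files(root)
```

The timestamps are recorded before each file is hashed because reading a file on a live system can itself change its access time.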
