Homework Help

Lab-Disk Analysis-CST 640

Lab-Disk Analysis-CST 640

Lab-Disk Analysis-Lab 6-Worksheet Digital Forensics Technology and Practices

Table of Contents

Introduction. 2

Screenshot 1 – Yourname Text File Displayed  in the Recycle Bin. 3

Screenshot 2 – Execute the Yourname.bat file. 4

Screenshot 3 – Copy the Yourname.bat file to the Windows directory. 5

Screenshot 4 – Create a Scheduled Task that runs Yourname.bat. 6

Screenshot 5 – Yourname Folder on the Root of the C: Drive. 7

Screenshot 6 –  Finding Yourname.bat in Windows using FTK Imager. 8

Screenshot 7– Yourname Text within the Recycle Bin for Administrator. 9

Screenshot 8 – Evidence Item Information for Autospy. 10

Screenshot 9– Image File that had the Extension for a Document File. 11

Screenshot 10 –  Finding Yourname.bat in Windows using Autospy. 12

Conclusion. 13

APA References. 14

Introduction-Lab-Disk Analysis

Students: In the box below, please explain the purpose of Disk Analysis and explain how it is relevant to Digital Forensics Technology and Practices.

Screenshot 1 – Yourname Text File Displayed in the Recycle Bin

  1. When you look at the Yourname Text File Displayed in the Recycle Bin, the file name should be Your First Name. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of the Your Name File within the Recycle Bin

Screenshot2 – Execute the Yourname.batfile

  1. Take a screenshot after you execute the yourname.bat file. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of the yourname.bat file being executed

Screenshot 3 – Copy the Yourname.bat file to the Windows directory

  1. Take a screenshot after you copy the yourname.bat file to the Windows directory. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit

Take a screenshot of the yourname.bat file being copied to the Windows directory

Screenshot 4 – Create a Scheduled Task “DIR” that runs Yourname.bat

  1. Take a screenshot after you Create a Scheduled Task that runs Yourname.bat. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of Creating a Scheduled Task that runs Yourname.bat

Screenshot 5 – Yourname Folder on the Root of the C: Drive

  1. Take a screenshot after you create a Yourname Folder on the Root of the C: Drive. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of Yourname Folder on the Root of the C: Drive

Screenshot 6 –  Finding Yourname.bat in Windows using FTK Imager

  1. Take a screenshot after you find yourname.bat in the Windows directory using FTK Imager. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of Finding Yourname.bat in Windows using FTK Imager

Screenshot 7– Yourname Text within the Recycle Bin for Administrator

  1. When you use FTK Imager to look at the Recycle Bin for the Administrator (500), you will find a deleted file. The text within the file should include Your First Name. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of the Your Name Text Displayed within the Recycle Bin

Screenshot 8 – Evidence Item Information for Autospy

  1. Take a screenshot of Your First Name and Your Last Name as the Examiner along with the other items you are required to fill out for the New Case Information for Autopsy. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of Your First Name and Your Last Name as the Examiner

Screenshot 9– Image File that had the Extension for a Document File

  1. Provide a screenshot of one of the Image Files that had the Extension for a Document File. Please label your screenshot to receive full credit.

Take a screenshot of one of the Image Files that had the Extension for a Document File

Screenshot 10 – Finding Yourname.bat in Windows using Autospy

  1. Take a screenshot after you find yourname.bat in the Windows directory using FTK Imager. The use of anyone else’s name may result in an academic integrity review by your professor.The timestamp of the modified time of this file should be within the class timeframe. The use of a time stamp not during this class may result in an academic integrity review by your professor.

Please label your screenshot to receive full credit.

Take a screenshot of Finding Yourname.bat in Windows using Autopsy

Conclusion

Students: In the box below, please explain the purpose of doing this lab below and explain how in is relevant to Digital Forensics Technology and Practices. Highlight any new learning that occurred while doing this lab.

Hint: Discuss tools and commands used in the lab.

Conclusion
 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

APA References

Students: Please list at least 5 relevant APA References.

Answer Preview-Lab-Disk Analysis-CST 640

Lab-Disk Analysis

$15.00

Posted

in

by

admin

Tags: