Lab 3 - Report file

docx

School

Saint Leo University *

*We aren’t endorsed by this school

Course

452

Subject

Communications

Date

Apr 3, 2024

Type

docx

Pages

19

Uploaded by hnmathewson

Report
Lab 3: Uncovering New Digital Evidence Using Bootable Forensic Utilities Hannah Mathewson  Computer Forensics COM-452-OL01 Professor James Jones February 3, 2024
Section 1: Hands-On Demonstration Part 1: Explore a Windows Workstation with Helix 9.) Make a screen capture showing the Network Information data from the System Information screen and paste it into your Lab Report file.
14.) Make a screen capture showing the PC On/Off Time window and paste it into the Lab Report file. 15.) In the Lab Report file, document the amount of time the computer was on today. 0:00 21.) In the Lab Report file, document the following data as displayed at the bottom of the Helix window: File name: TravelPhoto.bmp File size: 3164 x 2112 Color depth: 24 bit
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
24.) Make a screen capture showing the Details tab of the Properties dialog box and paste it into the Lab Report file. 27.) Make a screen capture showing the image and paste it into the Lab Report file.
Part 2: Use Forensic Tools to Extract Data
6.) In the Lab Report file, document the memory value from the Private Bytes column. 12,300 K 7.) Make a screen capture showing the Process Explorer window and the highlighted item and paste it into the Lab Report file. 12.) Make a screen capture showing the FavoritesView window and the highlighted item and paste it into the Lab Report file.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
17.) Make a screen capture showing the IECacheView window and the highlighted item and paste it into the Lab Report file. 22.) Make a screen capture showing the IECookiesView window and the highlighted item and paste it into the Lab Report file.
30.) Make a screen capture showing the BrowsingHistoryView window and the highlighted item and paste it into the Lab Report file. 35.) Make a screen capture showing the MyLastSearch window with the highlighted item and paste it into your Lab Report file.
Section 2: Applied Learning
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Part 1: Explore a Windows Workstation with Helix 8.) Make a screen capture showing the disk information for the C: drive and paste it into your Lab Report file. 13.) Make a screen capture showing the data points associated with the image in the Helix window and paste it into the Lab Report file.
Part 2: Use Forensic Tools to Extract Data
4.) Make a screen capture showing the Performance metrics and paste it into the Lab Report file. 8.) Make a screen capture showing the Cloudparadox web site in the browser window and paste it into the Lab Report file.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
12.) Make a screen capture showing the Properties dialog box for the most recently accessed item and paste it into the Lab Report file. 16.) Make a screen capture showing the IECookiesView window and the details for the highlighted item and paste it into the Lab Report file.
22.) Make a screen capture showing the Properties dialog box and paste it into the Lab Report file. 25.) Make a screen capture showing the MyLastSearch window with the most recently searched text highlighted and paste it into your Lab Report file.
Section 3: Lab Challenge and Analysis
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Part 1: Analysis and Discussion 1.) Why would someone need to use tools like IECacheView or MyLastSearch on a system? Do companies have the right to search a workstation they issued to their employees. The purpose of tools such as IECacheView and MyLastSearch is to allow an investigator/ company/permitted individual to review what information has been accessed via a web browser, as well as to document how often the sites themselves have been visited. The properties of the cached website are viewable, such as the file name, the content type it is, the complete cache path. You are an employee of a company, and you are using company property, a company undoubtedly has permission and the right to search for a workstation. If they have reason to believe that their property is being used improperly, they are fully allowed to search and review the information within the workstation. Part 2: Tools and Commands 1.) Launch Helix and add Investigation Notes about the actions that you completed in the lab. Complete the case details with the following information, save a new Helix Audit Log, and submit it with your deliverable files. Part 3: Challenge Exercise
1.) Launch Helix and then select Quick Launch > System Information Viewer. From the options, launch the Windows Information and Environment Information tools. Makes screen captures showing the details in each. In your Challenge Questions file, match the commonalities of each.
Since they give different information for different key events (one being Windows OS, the other being Environment DOS and registered paths) the information should not be the same outside of a few outliers. They share the same GUI. Windows Information will more than likely give you user path information, whereas Environment will give you data paths.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

Module 6 Homework Assignment.docx
Untitled document (57).docx
Child Abuse as a Social Issue Presentation Plan.docx
Case Study:presentation.docx
Lab 2 - Report file.docx
Lab 9 - Report file.docx
Lab 7 - Report file.docx
Lab 6 - Report file.docx
Lab 4 - Report file.docx
Lab 8 - Report file.docx
Lab 5 - Report file.docx
PSY-205 1-4 Short Paper.docx