EPRB: a set of tools for encrypted systems, data decryption and password recovery that runs on the Windows operating system.
Autopsy: a digital forensics platform and graphical user interface to The Sleuth Kit. It runs on Windows, Linux and macOS.
Implementation of computer forensic techniques
Most digital crime activities leave a trace of evidence that allows investigators to solve and prevent digital crimes [1]. According to my research, I have concluded that around 90% of all the data processed to information does not leave the digital domains. I will elaborate on the forensic techniques that facilitate acquisition of evidence. Examples of these techniques include:
Live forensics
Also known as live response. It mainly attempts to identify, control and eliminate possible threats in a live running system environment. In the past, this involved taking images and snapshots so as to perform analysis on these images. This was impractical, as the process was far from efficient. Live forensics is more efficient if you focus on handling threats on the spot. The main difference between traditional and live forensics is time: the procedures of identifying, quantifying and eliminating threats are still similar in both techniques [1].
This technique has a short life span, and therefore its degree of success is determined by focusing on the source of the threat. Instead of rushing into the process, one should look for the usual suspect files in the system, such as those in temporary directories. On Windows, the best way of initiating live forensics is by peeking into the active user's app data directory, especially its Roaming folder.
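A first-pass triage of the locations named above (temporary directories and the user's Roaming folder) can be scripted. This is an added example, not part of the original essay; the extension list and the 72-hour window are assumptions chosen for illustration.

```python
import hashlib
import os
import time
from pathlib import Path

# Extensions worth a first look during triage (an assumption of this example).
SUSPECT_EXT = {".exe", ".dll", ".scr", ".bat", ".cmd", ".ps1", ".vbs", ".js", ".lnk"}


def default_roots():
    """Per-user locations named in the text: temp directories and the Roaming folder."""
    names = ("APPDATA", "TEMP", "TMP")  # on Windows, %APPDATA% is the Roaming folder
    return sorted({Path(os.environ[n]) for n in names if os.environ.get(n)})


def sha256_of(path, chunk=1 << 20):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def triage(roots, max_age_hours=72, now=None):
    """List executable or script files modified within the window, newest first."""
    now = time.time() if now is None else now
    cutoff = now - max_age_hours * 3600
    hits = []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                path = Path(dirpath) / name
                if path.suffix.lower() not in SUSPECT_EXT:
                    continue
                try:
                    st = path.stat()
                    if st.st_mtime < cutoff:
                        continue
                    hits.append({"path": str(path), "size": st.st_size,
                                 "mtime": st.st_mtime, "sha256": sha256_of(path)})
                except OSError:
                    continue  # locked or vanished files are common on a live system
    return sorted(hits, key=lambda h: h["mtime"], reverse=True)


if __name__ == "__main__":
    for hit in triage(default_roots()):
        stamp = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(hit["mtime"]))
        print(stamp, hit["sha256"][:16], hit["size"], hit["path"])
```

Hashing reads each file, which can update last-access timestamps on the live system, so the run itself belongs in the examiner's notes.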
Password recovery
This refers to the recovery of password-protected files. It can be done by cracking the password or by bypassing it.
Passwords provide strong protection to sensitive information. It is in rare cases that the password is lost or the account administrator forgets the password [2]. In cases like this, password recovery is the best way to gain access to information. Brute force can be used to crack any password. It does this by attempting all possible passwords. In the majority of cases, this procedure is time-consuming.
Smarter techniques have been deployed to reduce the number of possible passwords, thus reducing the time spent on password recovery. With a wide array of utilities available, password recovery is made quite easy.
Deployment of forensic tools
ElcomSoft Password Recovery Bundle (EPRB)
This is a legal tool that is used for password recovery. It unlocks documents, decrypts files and breaks into encrypted containers with an all-in-one password recovery package.
It runs only on the Windows operating system. The tool is used to recover passwords for a wide range of office and business applications, including text processors, flag-bearers, office suites, database management programs, spreadsheets and email clients [3].
The tool, however, has little automation, as it requires supervision. These automated features include:
The tasks performed by the ElcomSoft Password Recovery Bundle include:
Autopsy
This digital forensics program is a graphical interface tool which is used largely by the military, law offices and corporates to examine a PC's past activities [4]. You can also use it to recover photos from your camera's or phone's memory card.
Unlike the EPRB tool, it runs on several operating systems: Windows, Linux and macOS. The file formats that are supported by the Autopsy forensic tool include:
The vendor supports its reputation by providing a 24-hour help line to give aid if needed. The vendor also provides user and developer guide documentation.
The tasks performed by this tool include:
Adding a data source
You can add a data source in several ways:
The data source must remain accessible for the duration of the analysis because the case contains a reference to the data source. It does not copy the data source into the case folder. Regardless of the type of data source, there are some common steps in the process:
1) You will be prompted to specify the data source to add (details are)
2) Autopsy will perform a basic examination of the data source and populate an embedded database with an entry for each file in the data source. No content is analyzed in the process; only the files are enumerated.
3) While the data source is being examined, you will be prompted with a list of ingest modules to enable.
4) After you configure the ingest modules, you may need to wait for Autopsy to finish its basic examination of the data source.
5) After the ingest modules have been configured and the basic examination of the data source is complete, the ingest modules will begin to analyze the file contents. Information can be spelt from the source [6].
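The two phases in steps 2 and 5, and the reason the data source must stay accessible, can be modelled in a few lines. This is an added, simplified sketch and not Autopsy's code or schema; the table names and the two ingest modules are hypothetical.

```python
import hashlib
import os
import sqlite3


def open_case(db_path=":memory:"):
    db = sqlite3.connect(db_path)
    db.execute("CREATE TABLE files (id INTEGER PRIMARY KEY, path TEXT, size INTEGER, mtime REAL)")
    db.execute("CREATE TABLE results (file_id INTEGER, module TEXT, value TEXT)")
    return db


def enumerate_source(db, source_dir):
    """Step 2: one row per file, metadata only; no file content is read or copied."""
    for dirpath, _dirs, names in os.walk(source_dir):
        for name in sorted(names):
            path = os.path.join(dirpath, name)
            st = os.stat(path)
            db.execute("INSERT INTO files (path, size, mtime) VALUES (?, ?, ?)",
                       (path, st.st_size, st.st_mtime))
    db.commit()
    return db.execute("SELECT COUNT(*) FROM files").fetchone()[0]


# Hypothetical ingest modules: each takes a file's bytes and returns a string.
def hash_module(data):
    return hashlib.sha256(data).hexdigest()


def signature_module(data):
    magic = {b"MZ": "windows-executable", b"PK\x03\x04": "zip", b"%PDF": "pdf"}
    return next((kind for sig, kind in magic.items() if data.startswith(sig)), "unknown")


def run_ingest(db, modules):
    """Step 5: content is read now, through the path reference stored in step 2."""
    unreadable = []
    for file_id, path in db.execute("SELECT id, path FROM files").fetchall():
        try:
            with open(path, "rb") as fh:
                data = fh.read()  # whole-file read keeps the sketch short
        except OSError:
            unreadable.append(path)  # the data source is no longer accessible
            continue
        for name, module in modules.items():
            db.execute("INSERT INTO results VALUES (?, ?, ?)", (file_id, name, module(data)))
    db.commit()
    return unreadable
```

Because the case database holds only references, any file removed or unmounted between enumeration and ingest comes back in the unreadable list instead of being analyzed.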
Assignment section 2
Registered owner, account name in use and the last recorded shut down date and time: MARTIN KING, KINGMARTIN, shutdown Friday, June 16, 2017 12:59:23PM
Account name of the user who mostly used the computer and the user who last logged into it: KINGMARTIN, MARTIN KING.
The time zone is 3GMT standard time.
The computer name was DESKTOP-3AVIC6Z.
Accounts on the OS were Administrator, Guest, Paul Acct.
Applications that are installed in the operating system:
Roslyn Language Services – x86 14.0.23107
Application Insights Tools for Visual Studio 2015 3.3
Microsoft Visual Studio Team Foundation Server 2015 Office Integration (x64) 14.0.23102
Adobe Photoshop 1.0.0000
Microsoft Visual Studio 2015 XAML Visual Diagnostics 14.0.23107
Microsoft Build Tools Language Resources 14.0 (x86) 14.0.23107
Microsoft Visual C++ 2005 Redistributable – x64 8.0.56336 False 8.0.56336
Microsoft Visual C++ 2012 x86 Additional Runtime – 11.0.60610 False 11.0.60610
Microsoft Blend for Visual Studio 2015 – ENU 14.0.23107
Microsoft Visual Studio Professional 2015 – ENU 14.0.23107
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729 False 9.0.30729
Windows Espc Resource Package 14.0.23107
Microsoft Visual Studio 2015 XAML Application Timeline – ENU 14.0.23107
Microsoft .NET Framework 4 Multi-Targeting Pack 4.0.30319
Visual C++ IDE Common Package 14.0.23107
Internet Explorer 8.9.1.5100
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30411 False 9.0.30411
Microsoft Visual Studio Team Foundation Server 2015 Storyboarding (x64) 14.0.23102
Microsoft System CLR Types for SQL Server 2014 12.0.2402.11
The browser that was used is CHROME BROWSER
The directory to the software was E:Software
The application that was used for email is Yahoo mail
The applications that were installed in the computer and could be used for hacking are
Schneier, B. and Kelsey, J., Secure audit logs to support computer forensics, ACM Transactions on Information and System Security (TISSEC), 2(2), pp. 159-176, 2010.
Kruse II, W.G. and Heiser, J.G., Computer forensics: incident response essentials, Pearson Education, 2013.
Yasinsac, A., Erbacher, R.F., Marks, D.G., Pollitt, M.M. and Sommer, P.M., Computer forensics education, IEEE Security & Privacy, 99(4), pp. 15-23, 2013.
Yusoff, Y., Ismail, R. and Hassan, Z., Common phases of computer forensics investigation models, International Journal of Computer Science & Information Technology, 3(3), pp. 17-31, 2011.
Fahey, A.L., e-fense Inc, Computer forensics, e-discovery and incident response methods and systems, U.S. Patent Application 12/318,083, 2009.
Bradford, P.G., Brown, M., Perdue, J. and Self, B., April. Towards proactive computer-system forensics. In Information Technology: Coding and Computing, Proceedings. ITCC 2004. International Conference on (Vol. 2, pp. 648-652). IEEE, 2012.
Luttgens, J.T., Pepe, M. and Mandia, K., Incident response & computer forensics, McGraw-Hill Education Group, 2014.