Seminar for Week 4: Investigating Windows Systems In this seminar, we will examine the basic techniques and software tools to investigate computers running Microsoft Windows operating systems....

1 answer below »

Seminar for Week 4: Investigating Windows Systems In this seminar, we will examine the basic techniques and software tools to investigate computers running Microsoft Windows operating systems. Overview The important things that a digital evidence investigator must understand about computers with Windows operating systems include file systems, account management systems, log files, and other advanced techniques such as .NET framework. There are several variants of Windows operating systems, and each of them may store valuable forensic information in different locations. Furthermore, different cases require digital investigators to explore and research different components. In this seminar, we will discuss the important common aspects of Windows systems with the expectation that you will know how to extract valuable information from Windows for each different, new case, even if we do not address the exact location for that kind of information.

Answer should be original, and similarity (plagiarism) not more than 10% this is extremely serious.



Answer should be a clear explanation and should be clear and understand (500 words enough).



Answer should be references on Harvard style (Not use Wikipedia) should be Academic Articles or books.



When use citation from any reference please keep it between "citation" (Author,Year),please citation should be not more than 5%



As reference you can use the following book:



Casey, E., (2011)
Digital evidence and computer crime: forensic science, computers and the internet. 3rd ed. New York: Elsevier Academic Press.



Assignment is:


DQ1: Discuss how you can check what kind of Internet site a suspect has visited using a Windows machine; the suspect may use some tools to hide her activities




Document Preview:

Seminar 4: Investigating Windows Systems Laureate Online Education Computer Forensics © All rights reserved 2005 – 2012. The Computer Forensics module, in all its parts: syllabus, guidelines, lectures, discussion questions, technical notes, images, projects and any additional material is copyrighted by Laureate Online Education B.V. Computer Forensics Seminar for Week 4: Investigating Windows Systems In this seminar, we will examine the basic techniques and software tools to investigate computers running Microsoft Windows operating systems. Overview The important things that a digital evidence investigator must understand about computers with Windows operating systems include file systems, account management systems, log files, and other advanced techniques such as .NET framework. There are several variants of Windows operating systems, and each of them may store valuable forensic information in different locations. Furthermore, different cases require digital investigators to explore and research different components. In this seminar, we will discuss the important common aspects of Windows systems with the expectation that you will know how to extract valuable information from Windows for each different, new case, even if we do not address the exact location for that kind of information. Digital Evidence Acquisition Techniques for Windows In the previous seminar, we discussed several approaches to acquire a forensic hard drive. For example, one can use a Linux bootable CD to bit-by-bit copy the target drive (even if the target drive is Windows based) to a third place, or use commercial tools such as EnCase or Forensic Tool Kit (FTK) to do that. Furthermore, EABD describes a method for generating an Evidence Acquisition Boot Disk (EABD) in Windows 95, which could be used to acquire hard drives. These tools will generally boot the computer with the basic components of the operating systems and then copy the data to a third drive....



Answered Same DayDec 23, 2021

Answer To: Seminar for Week 4: Investigating Windows Systems In this seminar, we will examine the basic...

Robert answered on Dec 23 2021
123 Votes
Whenever a user accesses the internet, their activity is stored on their computer automatically. This information includes web pages they’ve visited, the keywords they used to search for and the information they had entered in online forms including the login credentials for their online accounts.
However, a user can opt to hide these activities using various tools and techniques. Some of these tools and techniques would not completely eradicate all the evidences and so some of the artifacts would still be left out. However by using a combination of tools and techniques, one could eradicate all the artifacts and there would nothing left out to the forensic investigator to build a case upon. Below, I’ll demonstrate two scenarios, one in which the evidence could be retrieved and another in which no evidence could be retrieve.
Let us assume the person would be using a Google Chrome browser. Now, a web browsing activity on Google chrome would leave the following traces:
i) In the default Google chrome folder “[Username]\Local Settings\Application Data\Google\Chrome\User Data”
The...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here