You’re investigating a case involving an employee who’s allegedly sent inappropriate photos viaemail in attachments that have been compressed with a zip utility. As you examine theemployee’s hard...

You’re investigating a case involving an employee who’s allegedly sent inappropriate photos viaemail in attachments that have been compressed with a zip utility. As you examine theemployee’s hard disk, you find a file named Xyz.zip, which you suspect is a graphics file. Whenyou try to open the file in an image viewer, a message is displayed indicating that the file iscorrupt. In addition, you find some files with unfamiliar extensions and password-protectedfiles. Answer the following questions based on this scenario.a) Explain how to trace, recover, and analyse e-mail messages. (2.5 Marks)b) Explain how to handle the photo attachment files during an e-mail investigation.(2.5 Marks)c) Explain how to recover Xyz.zip for further investigation. (2.5 Marks)d) Explain how to identify the header of the file and determine how their extensions aremismatched. (2.5 Marks)Discuss what techniques and tools that can be used to recover the passwords from theprotected files. (2.5 Marks)e) Explain the use of hash algorithms to verify the integrity of lossless compressed data.(2.5 Marks)f) If an application uses salting when creating passwords, what concerns should a forensicsexaminer have when attempting to recover passwords? (2.5 Marks)g) You’re using Disk Management to view primary and extended partitions on a suspect’sdrive. The program reports the extended partition’s total size as larger than the sum of thesizes of logical partitions in this extended partition. What might you infer from thisinformation? (5 Marks)h) What’s the main piece of information you look for in an e-mail message you’reinvestigating? (2.5 Marks
Jan 09, 2022
SOLUTION.PDF

Get Answer To This Question

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here