Académique Documents
Professionnel Documents
Culture Documents
PART B - (5 X 16 = 80 marks)
1. (a) Illustrate how will the processing of an incident or a crime scene 16 CO - 4 K-3
(i)
takes place in cyber forensics.
OR
(b) (i) Explain in detail about how the understanding of File Systems plays
16 CO - 4 K-4
a crucial role in cyber forensics.
4. (a) (i) Discuss how will you validate the forensic data using: 8+8 CO - 5 K-2
(i) Validating the hexadecimal Editors
(ii) Validating with Computer Forensics Programs
OR
(b) (i) Examine in detail the techniques used for Addressing Data Hiding. 16 CO - 5 K-1
*****
Register No.
PART B - (5 X 16 = 80 marks)
1. (a) Illustrate how will the processing of an incident or a crime scene 16 CO - 4 K-3
(i)
takes place in cyber forensics.
OR
(b) (i) Demonstrate the following :-
(i) How will you obtain a Digital Hash? 12+
CO - 4 K-3
(ii) Conducting the investigation: Acquiring Evidence with 4
Access Data FTK
3. (a) (i) Examine the MS-DOS Startup Tasks and about other Disk Operating 16 CO - 4 K-2
Systems in Detail
OR
(b) (i) Explain briefly about the following terms in detail: 2+8 CO - 5 K-4
(i) Examining E-mail Messages +6
(ii) Copying an E-mail Message
(iii) Viewing an E-mail Headers
4. (a) (i) Discuss how will you validate the forensic data using: 8+8 CO - 5 K-2
(iii) Validating the hexadecimal Editors
(iv) Validating with Computer Forensics Programs
OR
(b) (i) Examine the following techniques used in Forensics : 4+4 CO - 5 K-3
(i) Steganography to hide Data +4+
(ii) Examining Encrypted Files 4
(iii) Recovering Passwords
(iv) Access Data Tools with Password and Encrypted Files
5. (a) (i) Describe Remote Acquisitions when used with 8+4 CO - 5 K-1
(i) Runtime Software +4
(ii) Preparing Disk Explorer and HDHOST
(iii) Remote Connection with Disk Explorer
OR
(b) (i) Assess how mobile devices play a crucial role in forensics by : 8+4 CO - 5 K-5
(iv) Basics of mobile Forensics +4
(v) Inside Mobile Devices
(vi) Inside PDAs
*****