Access Millions of academic & study documents

Forensics v03 lab03 aw 2

Content type
User Generated
Showing Page:
1/2
Lab #3 - Assessment Worksheet
Uncovering New Digital Evidence Using Bootable Forensic Utilities
Course Name and Number: CYBER 470
Student Name:
Instructor Name:
Lab Due Date: Week 2
Lab Assessment Questions
1. What is the main advantage of a bootable forensic suite like Helix?
Bootable forensic suites like Helix allow for ease of access within the imaged, virtualized,
or write-blocked copy of the original system without compromising the workstation or
user profiles.
2. Describe five Process Explorer (ProcExp) features that can be used in computer
forensics as part of an investigation.
It can be used to monitor and track actual executables and applications loaded and
running in your computer, including viruses, spyware, malicious software, and keyboard
loggers. Process Explorer can also help build a baseline definition for standard
workstations and servers to be used for comparison purposes during forensic
investigations. This allows an investigator or troubleshooter to locate compromised
system files.
3. Which forensics tool would you use to reveal recent pages viewed via the
Internet Explorer browser?
The tool you would use is MyLastSearch
4. How would IECacheView help a forensic investigator?
IECacheView allows an investigator to see what internet pages were viewed by users of
the machine.

Sign up to view the full document!

lock_open Sign Up
Showing Page:
2/2

Sign up to view the full document!

lock_open Sign Up
Unformatted Attachment Preview
Lab #3 - Assessment Worksheet Uncovering New Digital Evidence Using Bootable Forensic Utilities Course Name and Number: CYBER 470 Student Name: Instructor Name: Lab Due Date: Week 2 Lab Assessment Questions 1. What is the main advantage of a bootable forensic suite like Helix? Bootable forensic suites like Helix allow for ease of access within the imaged, virtualized, or write-blocked copy of the original system without compromising the workstation or user profiles. 2. Describe five Process Explorer (ProcExp) features that can be used in computer forensics as part of an investigation. It can b ...
Purchase document to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.
Studypool
4.7
Indeed
4.5
Sitejabber
4.4