100% (1)
Pages:
1 pages/≈275 words
Sources:
4
Style:
APA
Subject:
IT & Computer Science
Type:
Essay
Language:
English (U.S.)
Document:
MS Word
Date:
Total cost:
$ 5.4
Topic:

Week 7 Paper: Forensics. Computer Science Assignment

Essay Instructions:

Please list the question, answer underneath, and a1-2 sources right after each answer. One paragraph for each answer, this shouldn't be more than one page for all 3 answers.



1. Give an example of an Anti-Forensic technique and at least two ways for an investigator to address it. Identify artifacts and other footprints that may be available for the investigator to determine that the Anti-Forensic technique was utilized.

2. Describe a situation where malware may be used as an anti-forensic technique and at least one method that an investigator can work through the challenge presented.

3. What anti-forensic techniques would you employ to throw off a digital forensic investigator? Why would you choose them?



Thank you.

Essay Sample Content Preview:

Week 7: Forensics
Student’s Name
Institution
Date
1. Provide an example of an Anti-Forensic technique and two ways for an investigator to handle it. Highlight artifacts that may be available for the investigator to determine that the Anti-Forensic technique was utilized.
One of these situations is data deletion. When a user deletes a file in their computer system, space it formerly occupied is marked only as free. The content within this space, however, remains available and the forensic analyst can still recover the file. Data wiping mainly focuses on this space as it overwrites it with random data making the file no longer recoverable. When an investigator attempts to recover photos that have been wiped or deleted, there are some places that the deletion software may have not accessed (Zdziarski, 2012).
One of these is the Thumbnail cache generally found in a Windows-based operating system. The system ensures that the file thumbnails are not entirely erased even when the original image has already been deleted. This provides investigators with a chance to identify a smaller version of the picture within the Windows Thumbnails.
The investigator can also utilize address data wiping when searching for items that did not get deleted. The data wiping software typically cannot wipe data that is currently in use by other applications. In a program such as Skype, most data wiping programs delete all contents within that program including the primary Skype database, however; these deletion programs will not delete the chat sync folder (Zdziarski, 2012). This allows the forensic investigator to gain access to such a folder and hence, recover any deleted data.
2. Highlight a situation where malware may be utilized as an anti-forensic technique and one technique that an investigator can use to handle the challenge presented.
A malware is one of the tools that malicious code writers can utilize in avoiding forensic detection and obscuring forensic analysis. The main subversive techn...
Updated on
Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now:
Sign In
Not register? Register Now!