FTK Imaging Lab Report Assignment


FTK Imaging Lab Report: Writer will need my online login in order to do the labs. That information will be given once a writer has been assigned.

Step 1: FTK Imaging Lab Report

One of the first steps in conducting forensic investigations often involves creating an image of the forensic evidence. Forensic evidence can be found in operating systems, network traffic (including e-mails), and software applications. To help the detectives in your department understand the digital forensics investigation process better, you have offered to show them how you create an image using FTK Imager. FTK Imager can be used to analyze many types of media including audio, pictures, and videos. Graphics files can be a rich source of forensic evidence. Because you are pressed for time, you go to the virtual lab and decide to create an image of the “My Pictures” directory on your computer. This process is very similar to making a full computer image, but it takes only a few minutes rather than several hours. You are preparing a report describing the steps that you follow so the detectives can refer to it later. You will include a screenshot and text file (CSEC662_Lab1_Name.ad1) that document your imaging process with information such as hash values.


Step 2: Process an Image from the suspect Mantooth’s computer

Keywords: Examining meta data, File systems, Hexadecimal and ASCII, Operating Systems, Report writing, File system information gathering

In the previous step you imaged a directory for a forensic report using FTK Imager. Now the detectives have requested additional analysis so you decide to go to the virtual lab and use Registry Viewer to access user account information for the image from the Mantooth computer. The Mantooth image is a subset of a full computer image. While it is rich in artifacts, it is small enough to process in minutes rather than hours. Registry Viewer provides the ability to view the contents of various types of registry files so it will help to answer some of the questions posed by detectives. You can also investigate the suspect Mantooth’s e-mail activity and picture files.

The detectives have requested the following information:

- Mantooth’s first name and a screenshot of a picture
- Number of jpg files in the Mantooth evidence file
- Names of the e-mail domains from the e-mail in this image, plus the number of sent and received messages and the dates of the oldest and newest sent and received e-mail message for each domain
- Names of people who have sent e-mail to or received e-mail from Mantooth, and the number of e-mails sent or received to and from each person
- Information on encryption—whether it was used for any of the e-mail, and if so, what type
- Evidence of potential criminal activity within this image
- Information on how PINs were captured
- Vehicle Identification Number of the ’92 Dodge
- Identity of Sean and his role in this case
- Malware that initiates on startup
- Information on password(s)—where you found it/them, whether it/they are usable, what it/they are used for

The detectives are also asking for:

- Summary of findings
- Case documentation, such as tools used, version, and image hashes
- Screenshots or other forensic artifacts supporting your responses to the questions

You review your responses and summary information carefully for accuracy and completeness, and save them in a single file to be included in your final paper on Using Access Data tools (Step 4).


Step 3: Process an Image from the suspect Washer’s computer

Keywords: Examining metadata, File systems, Hexadecimal and ASCII, Operating Systems, File system information gathering

The Mantooth image has provided a lot of new information, but the detectives want more. PRTK is the tool that can uncover it. An image has been taken of the hard drive in a computer belonging to a suspect named Washer. The Washer image is a subset of a full computer image (similar to the Mantooth image) so processing time is reduced. While it is rich in artifacts, it is small enough to process in minutes rather than hours. You have full confidence that an investigation of the Washer image will approximate the investigation of a full computer image. Registry Viewer allows you to view the contents of various types of registry files, but PRTK can decrypt files as well. Passwords for certain files may be recoverable from other artifacts on the image as well.

The detectives have asked you to analyze the Washer and thumb drive processed images within FTK to ferret out the following facts. You will include your answers to these questions in your final paper on the Use of Access Data tools.

- What are the AIM usernames for Rasco Badguy and John Washer?
- What is the current zip code for the AOL IM account registered to Washer?
- When was AOL IM installed?
- Rasco Badguy and John Washer plan to camp. What does Rasco’s vehicle look like? Please provide a description.
- Who might Rasco bring with him?
- Provide the starting and ending points for their camping trip, as well as the name of body of water nearby (same as road running along shore).
- Find a map and directions to the spot where they will camp.

Please provide this additional information:

- Document three distinct types of criminal activity that are under consideration and discussion by these individuals.
- There is a particular piece of software that will support one of the types of criminal activity under consideration. It is being obscured by file manipulation or encryption. Document the name of the file, its function, and what needs to be installed for it to operate properly.
- Document two names, addresses, and credit card or account numbers of potential victims.
- Prove that the file “How To Steal Credit Card Numbers.doc” was opened on the computer.
- The word “oops” has come up in intercepted traffic. Document what it refers to.
- Document three ways this case has familiarity or linkages to any other case you are familiar with.
- A number of people in this case owe money. Document who they are and how much they owe.
- Is there anything that links the thumb drive to the Washer image?
- Document how many times the administrator account was used and the date of the last login (hint: during 2008).

Once again the detectives are asking for a summary of your investigative procedures and findings so you document the following:

- Summary of findings
- Case documentation such as tools used, version, and image hashes
- Screenshots or other forensic artifacts that support your responses to all questions

You review your responses and summary documentation carefully for accuracy and completeness for you will be including them in your final paper.

Step 4: Submit Final Paper: Use of Access Data Tools

The time has come to combine work products from Steps 1, 2, and 3 into a final paper summarizing the Use of Access Data Tools. You submit it to the detectives (your instructor) and cross your fingers that it contains everything they need to know about the most widely-used tools available for accessing and imaging forensic data.
Use and cite sources as necessary
