Assignment 2

Assignment 2

TermPaperWarehouse.com - Free Term Papers, Essays and Research Documents The Research Paper Factory JoinSearchBrowseSaved Papers

Home Page » Computers and Technology
Perform a Byte-Level Computer Audit

In: Computers and Technology
Perform a Byte-Level Computer Audit

1. What is the main purpose of a software tool like WinAudit in computer forensics?
it is to be able to find out all the information that you would need about the system that you are trying to hack. it also also allows you to be to examine all the software that is on the computer to see if there is anything that does not look right and to be able to see if there is software on the system that is not suppose to be there

2. Which item(s) within WinAudit’s initial report would you consider to be of critical importance in a computer forensic investigation?
Computer Name, OS, Security Settings for Windows Firewall, Drives, Running Programs, and Installed Programs and Versions.

3. Could you run Win Audit from a flash drive or any other external media? If so, why is this important during a computer forensic investigation?
yes you because that way you are not installing anything on the hard drive that would alter the state of the drive.

4. Why would you use a tool like DevManView while performing a computer forensic investigation?
It allows you to see all the the things that are installed on your system from the operating system to the drivers and what version is on there.

Determining times and dates, what flash/jump drives might be plugged in, and any CDs, DVDs, or Blu-Ray disks are in the disk drives.

5. Which item(s) within DevManView’s list would you consider to be of critical importance in a computer forensic investigation?
Optical Drive(s), USB Mass Storage Devices

6. What tool similar to DevManView is already present in Microsoft Windows systems?
WinHEX

7. Why would someone using a HEX editor during a forensic investigation?
Determining deliberately mislabelled...

Similar Essays