Scribd Logo
Upload

Welcome to Scribd!

  • DTF Skill 7: 19Cs3259S-Digital Forensics

    Uploaded by

    Krishna Sai
    15 views4 pages
    This document discusses digital forensics and examining various file types. It examines the file signatures, types and extensions of 8 files. It also looks at metadata in Microsoft Office files like the creator, last modifier and modification times. Finally, it examines EXIF data from a photo like the date and time taken, device used and GPS coordinates. The skills covered are important for digital forensics investigations.

    Original Description:

    Original Title

    190030065_Skill7

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document discusses digital forensics and examining various file types. It examines the file signatures, types and extensions of 8 files. It also looks at metadata in Microsoft Office files like the creator, last modifier and modification times. Finally, it examines EXIF data from a photo like the date and time taken, device used and GPS coordinates. The skills covered are important for digital forensics investigations.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    15 views4 pages

    DTF Skill 7: 19Cs3259S-Digital Forensics

    Uploaded by

    Krishna Sai
    This document discusses digital forensics and examining various file types. It examines the file signatures, types and extensions of 8 files. It also looks at metadata in Microsoft Office files like the creator, last modifier and modification times. Finally, it examines EXIF data from a photo like the date and time taken, device used and GPS coordinates. The skills covered are important for digital forensics investigations.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 4

    19CS3259S- DIGITAL FORENSICS

    DTF Skill 7 BY 190030065 A. BHUVANA SRIJA

    Task 1: In this activity you will examine several files to determine their signatures and
    then look up those values.

    Q1. What is the file signature, file type, and file extension associated with File1?

    Signature: 50 4B 03 04 14 06 00 00

    Extension: DOCX, PPT, XLSX

    Type: Microsoft office open XML Format File

    Q2. What is the file signature, file type, and file extension associated with File2?

    Signature: D0 CF 11 E0 A1

    Extension: DOC, DOT, PPS, PPT, XLA, XLS, WIZ

    Type: Compound binary file format

    Q3. What is the file signature, file type, and file extension associated with File3?

    Signature: 25 50 44 46

    Extension: PDF, FDF, AI


    1
    19CS3259S- DIGITAL FORENSICS
    Type: Adobe Portable Document Format, Forms Document Format, and Illustrator graphics files

    Q4. What is the file signature, file type, and file extension associated with File4?

    Signature: 53 43 43 41

    Type: Windows prefetch file

    Extension: PF

    Q5. What is the file signature, file type, and file extension associated with File5?

    Signature: 4C 00 00 00

    Extension: LNK

    Type: Audition graphic filter file

    Q6. What is the file signature, file type, and file extension associated with File6?

    Signature:4D 5A 90 00

    Extension: API, AX

    Type: Audition graphic filter file

    Q7. What is the file signature, file type, and file extension associated with File7?

    Signature: 4D 5A 90 00

    Extension: API, AX

    Type: Zone alam data file

    Q8. What is the file signature, file type, and file extension associated with File8?

    Signature: FF D8 FF E0

    Extension: JPE, JPEG, JPG

    Type: JPEG/JFIF graphics format

    Task 2: In this task you will examine meta data contained within Microsoft Office files.

    2
    19CS3259S- DIGITAL FORENSICS

    Q1. Who created the Word document?

    Charles Galileo

    Q2. Who last modified the Word document?

    Michael Robinson

    Q3. When was the document last modified?

    Thursday, March 3, 2022, 2:05:23 PM

    Q4. How many times was the document modified?

    Q5. What is the benefit of looking through the properties this way as compared to looking
    at properties from within the Microsoft Word application?

    Task 3: In this activity you will examine EXIF data stored in the header of a graphics file.

    3
    19CS3259S- DIGITAL FORENSICS
    Q1. When was the picture taken?

    DateTimeOriginal : 2014:06:07 16:47:07

    Q2. On what device was the picture taken?

    Apple iPhone 5s

    Q3. Was the picture taken with the front camera lens or the back camera lens?

    back camera 4.12mm f/2.2

    Q4. What were the GPS coordinates of the camera/phone when the picture was taken?

    Viva Voce:
    1. What is the difference between stand-alone and networked computers?

    On a stand-alone computer, the operating system automatically sets up the computer. On a network computer,
    the computer is joined to a domain and the administrator has to specify the domain name and join the computer.
    Benefits of having a stand-alone computer is that you are not bound by a separate administrator.
    A benefit of having a network computer is that users do not have to manage items such as updates as these are
    taken care of by the administrator.

    2. What are firewalls?

    A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether
    to allow or block specific traffic based on a defined set of security rules.

    3. What are sniffers?

    A sniffer is a software or hardware tool that allows the user to “sniff” or monitor your internet traffic in real time,
    capturing all the data flowing to and from your computer.

    4. What are two types of network forensics analysis tools?

    There are two basic types of nfats: “Catch-it-as-you-can systems” which capture network traffic, has the ability to
    store large amounts of data and is able to analyze that data in batch mode;
    and “stop, look and listen systems” which analyze each packet but without the storage capacity of the other.

    5. What are honeypots?

    Honeypots are decoy systems or servers deployed alongside production systems within your
    network. When deployed as enticing targets for attackers, honeypots can add security monitoring
    opportunities for blue teams and misdirect the adversary from their true target.

    You might also like