Premium Essay

Perform a Byte-Level Computer Audit

In:

Submitted By fheckart
Words 366
Pages 2
1. What is the main purpose of a software tool like WinAudit in computer forensics? it is to be able to find out all the information that you would need about the system that you are trying to hack. it also also allows you to be to examine all the software that is on the computer to see if there is anything that does not look right and to be able to see if there is software on the system that is not suppose to be there

2. Which item(s) within WinAudit’s initial report would you consider to be of critical importance in a computer forensic investigation?
Computer Name, OS, Security Settings for Windows Firewall, Drives, Running Programs, and Installed Programs and Versions.

3. Could you run Win Audit from a flash drive or any other external media? If so, why is this important during a computer forensic investigation? yes you because that way you are not installing anything on the hard drive that would alter the state of the drive.

4. Why would you use a tool like DevManView while performing a computer forensic investigation?
It allows you to see all the the things that are installed on your system from the operating system to the drivers and what version is on there.

Determining times and dates, what flash/jump drives might be plugged in, and any CDs, DVDs, or Blu-Ray disks are in the disk drives.

5. Which item(s) within DevManView’s list would you consider to be of critical importance in a computer forensic investigation?
Optical Drive(s), USB Mass Storage Devices

6. What tool similar to DevManView is already present in Microsoft Windows systems?
WinHEX

7. Why would someone using a HEX editor during a forensic investigation?
Determining deliberately mislabelled files attempting to hide.

8. What is the purpose of a software tool like WinHEX in computer forensics?
Closely examining a file to determine if it’s actually what it appears to

Similar Documents

Free Essay

Encryption a Means of Security

...discuss the applications of encryption techniques in database security. This is an area of substantial interest in database because we know that, the use of database is becoming very important in today’s enterprise and databases contains information that is major enterprise asset. This research work discuses the application of various encryption techniques in database security, and how encryption is used at different levels to provide the security. 1. INTRODUCTION Information or data is a valuable asset in any organization. Almost all organization, whether social, governmental, educational etc., have now automated their information systems and other operational functions. They have maintained the databases that contain the crucial information. So database security is a serious concern. To go further, we shall first discuss what actually the database security is? Protecting the confidential/sensitive data stored in a repository is actually the database security. It deals with making database secure from any form of illegal access or threat at any level. Database security demands permitting or prohibiting user actions on the database and the objects inside it. Organizations that are running successfully demand the confidentiality of their database. They do not allow the unauthorized access to their data/information. And they also demand the assurance that their data is protected against any malicious or accidental modification. Data protection and confidentiality are...

Words: 4175 - Pages: 17

Free Essay

Windows vs Linux

...A Comparison of the Security of Windows NT and UNIX† Hans Hedbom1,2, Stefan Lindskog1,2, Stefan Axelsson1 and Erland Jonsson1 1Dept of Computer Engineering 2Dept of Computer Science Chalmers University of Technology S-412 96 Göteborg, SWEDEN {sax, Erland.Jonsson}@ce.chalmers.se University of Karlstad S-651 88 Karlstad, SWEDEN {Hans.Hedbom, Stefan.Lindskog}@hks.se Abstract This paper presents a brief comparison of two operating systems, Windows NT and UNIX. The comparison covers two different aspects. First, we compare the main security features of the two operating systems and then we make a comparison of a selection of vulnerabilities most of which we know have been used for making real intrusions. We found that Windows NT has slightly more rigorous security features than “standard” UNIX but the two systems display similar vulnerabilities. The conclusion is that there are no significant differences in the “real” level of security between these systems. †Presented at the Third Nordic Workshop on Secure IT Systems, NORDSEC’ 5-6 November, 1998, Trondheim, Norway. 98, 1. Introduction It has been claimed that the security of Windows NT is far better than that of previous commercial operating systems. In order to verify (or refute) this statement we have made a brief comparison of the security of Windows NT to that of UNIX. UNIX was selected as a reference since it is well-known and widely spread. Thus, the target systems were (1) a networked Windows NT 4.0 and...

Words: 6676 - Pages: 27

Premium Essay

Ics Final Exam Study Guide

...ICS FINAL EXAM STUDY GUIDE I. Week 8 (Video Games) a. Genres of Games i. Action ii. Adventure iii. Role Playing (RPG) iv. Simulation v. Strategy vi. Serious b. Elements of a Game i. Rendering engine (graphics) ii. Physics engine (collision detection) iii. Sound iv. Artificial Intelligence v. Animation vi. Scripting vii. Networking c. Game Development i. Studio teams of 20 to >100 ii. Designers iii. Artists iv. Programmers v. Level designers vi. Sound engineers vii. Testers d. Early Games i. 1951: Nimrod ii. 1958: Tennis for Two 1. Like Pong, but with real physics simulation iii. 1975: Adventure, Colossal Cave 1. First modern adventure game iv. 1980: Rogue 1. ASCII terminal e. What makes a game fun? i. Hard Fun 1. Meaningful challenges, strategies, puzzles ii. Easy Fun 1. Exploring new worlds. 2. Focus on player attention (immersion) 3. Ambiguity, incompleteness and detail iii. Serious Fun 1. Self-Improvement 2. Relaxation and excitement 3. Creating 4. Becoming better iv. People Fun 1. Just to spend time with friends 2. Build teamwork and comraderie 3. Enjoy rivalries f. WTF [for Games]: “Where‘s the Fun.” II. Week 9 (Data Visualization) a. Data Science i. The science and technology of turning data into wisdom b. Wisdom, Knowledge, Information Relationship i. Information is Data that has been processed with context to give it meaning. ii. Knowledge is information you...

Words: 2934 - Pages: 12

Premium Essay

Data Security

...access to servers and networks wherever they are: hotels, airports, homes, or remote offices. While these functionalities are useful for business, they can only be diffused as such if we can minimize the security risks of transmitting sensitive data across the Internet. 2.2.1. Security Definition (Security Properties) Protecting information from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction in order to provide confidentiality, integrity, and availability is the main goal of information security [NIST 2009]. Security is the ability of a computer system to withstand external physical stresses (fire, flooding, bombs, etc.) or logic (input errors, intrusions, hacking, malicious logic, etc.); this is generally the direction chosen by specialists of security audit, when they must assess the risks related to a computer system [Deswarte 2003]. According to ITSEC (Information Technology Security Evaluation Criteria), security can be defined as a combination of three main properties: confidentiality, integrity, and availability of information [Office 1991]. 2.2.2.1. Confidentiality Confidentiality...

Words: 8305 - Pages: 34

Premium Essay

Sscp Study Notes

...SSCP Study Notes 1. Access Controls 2. Administration 3. Audit and Monitoring 4. Risk, Response, and Recovery 5. Cryptography 6. Data Communications 7. Malicious Code Modified version of original study guide by Vijayanand Banahatti (SSCP) Table of Content 1.0 ACCESS CONTROLS…………………………………………………………...... 03 2.0 ADMINISTRATION ……………………………………………………………... 07 3.0 AUDIT AND MONITORING…………………………………………………...... 13 4.0 RISK, RESPONSE, AND RECOVERY………………………………………....... 18 5.0 CRYPTOGRAPHY……………………………………………………………....... 21 6.0 DATA COMMUNICATIONS…………………………………………………...... 25 7.0 MALICIOUS CODE……………………………………………………………..... 31 REFERENCES………………………………………………………………………........ 33 1.0 ACCESS CONTROLS Access control objects: Any objects that need controlled access can be considered an access control object. Access control subjects: Any users, programs, and processes that request permission to objects are access control subjects. It is these access control subjects that must be identified, authenticated and authorized. Access control systems: Interface between access control objects and access control subjects. 1.1 Identification, Authentication, Authorization, Accounting 1.1.1 Identification and Authentication Techniques Identification works with authentication, and is defined as a process through which the identity of an object is ascertained. Identification takes place by using some form of authentication. Authentication Types Example Something you know...

Words: 17808 - Pages: 72

Free Essay

Hitachi Virtual Storage Platform

...Hitachi Virtual Storage Platform Hitachi Storage Navigator User Guide FASTFIND LINKS Document Organization Product Version Getting Help Contents MK-90RD7027-00 Copyright © 2010 Hitachi, Ltd. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording, or stored in a database or retrieval system for any purpose without the express written permission of Hitachi, Ltd. (hereinafter referred to as “Hitachi”) and Hitachi Data Systems Corporation (hereinafter referred to as “Hitachi Data Systems”). Hitachi and Hitachi Data Systems reserve the right to make changes to this document at any time without notice and assume no responsibility for its use. This document contains the most current information available at the time of publication. When new and/or revised information becomes available, this entire document will be updated and distributed to all registered users. Some of the features described in this document may not be currently available. Refer to the most recent product announcement or contact your local Hitachi Data Systems sales office for information about feature and product availability. Notice: Hitachi Data Systems products and services can be ordered only under the terms and conditions of the applicable Hitachi Data Systems agreement(s). The use of Hitachi Data Systems products is governed by the terms of your agreement(s) with Hitachi Data Systems. Hitachi...

Words: 42378 - Pages: 170

Premium Essay

Zic Venture

...THE EFFECTS OF COMPUTER ON THE ACCOUNTING PROFESSION NAMES MAT NO: OTOMEWO DANIEL WILLIAMS 6050 EKHATOR OSAYUWAMEN PRECIOUS 6951 ONI JOY ADELEMON 7029 EGBE PRINCE ISAIAH 7114 ODIASE PRECIOUS IYOBOSA 7033 EKUASE AUSTINE OSAMUDIAMEN 7031 ABSTRACT The aim of this study is the effect technology on accounting profession. The results of this study shows that technology causes decrease in book keeping. Also, it causes increase accuracy in accounting process, to shorten the time of providing reports, to decrease cost of gathering information, to improve reports in management accounting and to provide a background for executing techniques of costing. Technology has affected accounting profession in a great extent, in the sense that they need to acquire new skills like as applied software’s of accounting, excel and access. Also as it reduces book keeping and saving time, an accountants participation need to increase in the processes, planning, analyzing management. Therefore, it can stated that if the use of technology applied effective, it will be provide a better background for improving accounting profession and role-creating more suitable accountants in organizations. TABLE OF CONTENT INTRODUCTION BACKGROUND OF THE STUDY Technology over the last few decades has drastically changed the face of the accounting profession. For accountants, new technology is always trying...

Words: 2428 - Pages: 10

Free Essay

An Overview of Computer Viruses in a Research Environment

...An Overview of Computer Viruses in a Research Environment Matt Bishop Department of Mathematics and Computer Science Dartmouth College Hanover, NH 03755 ABSTRACT The threat of attack by computer viruses is in reality a very small part of a much more general threat, specifically attacks aimed at subverting computer security. This paper examines computer viruses as malicious logic in a research and development environment, relates them to various models of security and integrity, and examines current research techniques aimed at controlling the threats viruses in particular, and malicious logic in general, pose to computer systems. Finally, a brief examination of the vulnerabilities of research and development systems that malicious logic and computer viruses may exploit is undertaken. 1. Introduction A computer virus is a sequence of instructions that copies itself into other programs in such a way that executing the program also executes that sequence of instructions. Rarely has something seemingly so esoteric captured the imagination of so many people; magazines from Business Week to the New England Journal of Medicine [39][48][60][72][135], books [20][22][31][40][50][67][83][90][108][124], and newspaper articles [85][91][92][94][114][128] have discussed viruses, applying the name to various types of malicious programs. As a result, the term “computer virus” is often misunderstood. Worse, many who do understand it do not understand protection in computer systems, for example...

Words: 12539 - Pages: 51

Premium Essay

Urban Outfitters

...5.1 Plan Management 12 5.1.1 Contingency Planning Workgroups 12 5.1.2 Contingency Plan Coordinator 12 5.1.3 System Contingency Coordinators 13 5.1.4 Incident Notification 13 5.1.5 Internal Personnel Notification 13 5.1.6 External Contact Notification 13 5.1.7 Media Releases 14 5.1.8 Alternate Site (s) 14 5.2 Teams 14 5.2.1 Damage Assessment Team 14 5.2.2 Operations Team 15 5.2.3 Communications Team 15 5.2.4 Data Entry and Control Team 15 5.2.5 Off-Site Storage Team 15 5.2.6 Administrative Management Team 15 5.2.7 Procurement Team 15 5.2.8 Configuration Management Team 16 5.2.9 Facilities Team 16 5.2.10 System Software Team 16 5.2.11 Internal Audit Team 16 5.2.12 User Assistance Team 16 5.3 Data Communications 16 5.4 Backups 16 5.4.1 Vital Records/Documentation 17 5.5 Office Equipment, Furniture and Supplies 19 5.6 Recommended Testing Procedures 19 6 Recommended Strategies 20 6.1 Critical Issues 20 6.1.1 Power 20 6.1.2 Diversification of Connectivity 20 6.1.3 Offsite Backup...

Words: 17323 - Pages: 70

Premium Essay

Quality Control Plan

...5.1 Plan Management 12 5.1.1 Contingency Planning Workgroups 12 5.1.2 Contingency Plan Coordinator 12 5.1.3 System Contingency Coordinators 13 5.1.4 Incident Notification 13 5.1.5 Internal Personnel Notification 13 5.1.6 External Contact Notification 13 5.1.7 Media Releases 14 5.1.8 Alternate Site (s) 14 5.2 Teams 14 5.2.1 Damage Assessment Team 14 5.2.2 Operations Team 15 5.2.3 Communications Team 15 5.2.4 Data Entry and Control Team 15 5.2.5 Off-Site Storage Team 15 5.2.6 Administrative Management Team 15 5.2.7 Procurement Team 15 5.2.8 Configuration Management Team 16 5.2.9 Facilities Team 16 5.2.10 System Software Team 16 5.2.11 Internal Audit Team 16 5.2.12 User Assistance Team 16 5.3 Data Communications 16 5.4 Backups 16 5.4.1 Vital Records/Documentation 17 5.5 Office Equipment, Furniture and Supplies 19 5.6 Recommended Testing Procedures 19 6 Recommended Strategies 20 6.1 Critical Issues 20 6.1.1 Power 20 6.1.2...

Words: 17284 - Pages: 70

Premium Essay

Meowmeow

...management’s and the auditor’s responsibilities under Section 404 of the Sarbanes-Oxley Act of 2002: Management’s Responsibilities • Accept responsibility for the effectiveness of the entity's ICFR. • Evaluate the effectiveness of the entity's ICFR using suitable control criteria. • Support its evaluation with sufficient evidence, including documentation. • Present a written assessment of the effectiveness of the entity’s ICFR as of the end of the entity’s most recent fiscal year. Auditor’s Responsibilities • The auditor must plan and perform the audit to obtain reasonable assurance about whether the entity maintained, in all material respects, effective internal control as of the date specified in management's assessment. • The audit of internal control should be “integrated” with the financial statement audit, and should express an opinion on the effectiveness of the entity’s ICFR. 7-2 “Likelihood” refers to the probability that a misstatement will not be prevented or detected. For a significant deficiency or a material weakness to exist, the likelihood of such an occurrence must be either “reasonably possible” or “probable.” “Magnitude” refers to the significance that the control deficiency could have on the financial statements according to the judgment of a prudent official who considers the possibility of further, undetected, misstatements. If the auditor’s likelihood assessment is...

Words: 5977 - Pages: 24

Premium Essay

The Tools of Network Security

...The Tools of Network Security Name Date Class Professor School Introduction Network security can be hard in the environment of constantly changing technology. Strong protection does not have one simple solution. Anyone who is concerned with the protection of their computer, data, or network needs to be ready to spend time researching their specific needs to protect all the different layers and domains that can be attacked. The areas that need the most attention are port scanning, protocol analysis, vulnerability tests, intrusion prevention, firewall use, VPN security, internet filtering, and password recovery. Users need to become proactive when it comes to their network’s security by knowing what tools are the best for the job and being able to implement these tools quickly and correctly. Port Scanning Port scanning and IP scanning is an important step towards network security. A port scanner checks for available virtual ports on your network and can identify if they are open or closed. Finding out which ports are open allows network administrators to take appropriate protective actions by closing or blocking traffic to and from those open (Network Security Tools, 2013). Nmap is the major tool of choice for most network administrators. It is an affordable choice because it is a free open source tool. Nmap supports most operating systems and comes in wither a traditional command line interface or GUI version (Nmap, 2013). Nmap works by using raw IP packets...

Words: 1657 - Pages: 7

Premium Essay

Student

...Information Computer Technology Author Musisi Boney 2013 EDITION Authored by Musisi Boney; +256788489095 2 Table of contents Topics Page Introduction To Computer …………………………………………………….. 5 History & Evolution Of Computers ………………………………………….... 7 Computer Generation …………………………………………………………. 11 Computers Today ……………………………………………………………... 15 Computer Classification ………………………………………………………. 19 Computer System ……………………………………………………………... 25 Computer Hardware ………………………………………………………….. 27 - Input devices/hardware .………………………………………………..27 - Output devices/ hardware..…………………………………….…….....39 - Storage hardware /devices ……………………………………………..49 - Processing devices/hardware …………………………………………..63 - Communication devices/hardware…………………………………….. Computer Software …………………………………………….……………...69 - Utility program …………………………………………………………70 - Operating system ……………………………………………….………72 - Programming languages ………………………………………………78 - Terminologies Used in Software ………………..……………….…....80 Powering A Computer ……………………………………………….………..83 Uninterrupted Power Supply……………………………………………….....85 Computer Configuration…………...…………………………….……………87 Computer Viruses ……………………………………………….……………89 Communication ………………………………………………………………95 Internet ………………………………………………………………………113 Web Design …………………………………………………………………121 Computer Ethics …………………………………………………….………125 Computer Crimes …………………………………………………….……..129 Authored by Musisi Boney; +256788489095 3 Authored by Musisi Boney; +256788489095 4 A COMPUTER A computer is a...

Words: 30445 - Pages: 122

Free Essay

Rootkit Technology Analysis

...Table of Contents CHAPTER 1 …………………………………………………………………….. 4 INTRODUCTION………..……………………………………………………….4Aim & Objective of Research …………………………………………………..4 Research Questions …………………………………………………………….5 Hypothesis ………………………………………………………………………..5 CHAPTER 2 ……………………………………………………………………...6 LITERATURE REVIEW …………………………………………………………6 Overview of Rootkit Technology ……………………………………………….6 How a Rootkit Functions ….……………………………………………………6 Functionality Approaches of Rootkit ……………………………….…………..7 Types of Rootkit ………………………………………………………………….8 CHAPTER 3 …………………………………………………………………….11 DISCUSSION ………………………………………………………………….11 Rootkit Detection & Prevention ……………………………………………….11 Rootkit Prevention & Removal Approaches …………………………………12 Rootkit Detection & Prevention Tools ………………………………………..13 CHAPTER 4 …………………………………………………………………….14 CONCLUSION……………………………………………………………..……14 CHAPTER 5 ………………………………………………………….…………15 REFERENCES …………………………………………………………………15 EXECUTIVE SUMMARY This research paper is divided into 5 main chapters like introduction, literature review, discussion, conclusion and references. The major points of this detailed research are summarized as below. * Rootkit technologies cause severe security attacks in today’s cyber world. This research discusses the significance of effective security strategies that should be formulated against security attacks. * Detailed analysis of rootkit technologies and functionalities are done. Different rootkit types, attack...

Words: 2465 - Pages: 10

Premium Essay

Asignment

...Oracle® Database Concepts 10g Release 2 (10.2) B14220-02 October 2005 Oracle Database Concepts, 10g Release 2 (10.2) B14220-02 Copyright © 1993, 2005, Oracle. All rights reserved. Primary Author: Michele Cyran Contributing Author: Paul Lane, JP Polk Contributor: Omar Alonso, Penny Avril, Hermann Baer, Sandeepan Banerjee, Mark Bauer, Bill Bridge, Sandra Cheevers, Carol Colrain, Vira Goorah, Mike Hartstein, John Haydu, Wei Hu, Ramkumar Krishnan, Vasudha Krishnaswamy, Bill Lee, Bryn Llewellyn, Rich Long, Diana Lorentz, Paul Manning, Valarie Moore, Mughees Minhas, Gopal Mulagund, Muthu Olagappan, Jennifer Polk, Kathy Rich, John Russell, Viv Schupmann, Bob Thome, Randy Urbano, Michael Verheij, Ron Weiss, Steve Wertheimer The Programs (which include both the software and documentation) contain proprietary information; they are provided under a license agreement containing restrictions on use and disclosure and are also protected by copyright, patent, and other intellectual and industrial property laws. Reverse engineering, disassembly, or decompilation of the Programs, except to the extent required to obtain interoperability with other independently created software or as specified by law, is prohibited. The information contained in this document is subject to change without notice. If you find any problems in the documentation, please report them to us in writing. This document is not warranted to be error-free. Except as may be expressly permitted in your license agreement...

Words: 199783 - Pages: 800