Need help with your Discussion

Get a timely done, PLAGIARISM-FREE paper
from our highly-qualified writers!

How It Works
Submit Your Assignment
glass
pen
clip
papers
heaphones

Generate a Report in Excel Lab Project

Computer Science

Computer Science

Generate a Report in Excel Lab Project

Generate a Report in Excel Lab Project

Description

**Autopsy for Windows (a free digital forensics tool) is available on Sleuth Kit download website. Download the Autopsy Version 4.3.0 (autopsy-4.3.0-64bit.msi) and then install it.

For detailed information on installing and using Autopsy, you may visit the Autopsy User’s Guide the Autopsy User Documentation. You can find an instruction forinstalling Autopsy.

You are required to submit two Excel files in D2L Assignments Dropbox by the given deadline.

The Digital Lab 2 assignment is Hands-On Project 8-1, 8-2 in the pages 373 to 374 of “Guide to Computer Forensics and Investigations” by Nelson et al. 

Before beginning this exercise, create a C:WorkChap08Project folder. Download Ch08.zip file contains c08frag.exe and c08carve.exe to this work folder from Module 6, Digital Lab Project # 2 folder. Double-click the “c08frag.exe” file in File Explorer to uncompress it into “c08frag.dd”. Double-click the “c08carve.exe” file to extract “C08carve.dd”. Start Autopsy.

Hands-On Project 8-1 

In this project, you use Autopsy for Windows to locate and extract JPEG files with altered extensions. Some of these files are embedded in files with non-JPEG extensions. Find the C08frag.dd file in your work folder, and then follow these steps: 

1. Start Autopsy for Windows and click the Create New Case button. In the New Case Information window, type C08frag in the Case Name text box, (and clickBrowser next to the Base Directory text box. Navigate to and click your work Project folder. Make sure the Single-user option button is selected for Case Type,) and then click Next. Enter C08Frag for the case number and your name as the examiner, and then click Finish.

2. In Add Data Source window, click Disk Image or VM file in the Select Data Source Type. Next, click the Browse button. In the Open dialog box, navigate to your work Project folder, and click C08frag.dd. Click Open, and then click Next. Accept all the default selections in the Configure Ingest Modules window and click Next and then Finish.

3. Click the Keyword Search down arrow at the upper right. Type jfif in the text box, click the Substring Match option, and then click Search.

4. Click each file in the search results that doesn’t have a .jpg extension. Then examine the contents of each file to find any occurrences of a JFIF label. Right-click a file with a JFIF label, point to Tag Files, and click Tag and Comment. In the Comment text box, type Recovered hidden.jpg file, and then click OK. Repeat this procedure for each file with a JFIF label. 

For Lab Assignment, you have to generate a report in Excel.

5. Click Generate Report. Click the Results – Excel option button for the report format, and then click Next. Click All Results, and then click Finish. Click the report link and examine your report in the browser window that opens. 

6. Save this Excel report as your last name CYBR 4305 Lab 2-1.xlsx.

7. Exit Autopsy.

Hands-On Project 8-2 

In this project, you continue examining the files found by IT staff at Superior Bicycles. In the in-chapter activity, you recovered three files containing zzzz for the first 4 bytes of altered JPEG files. These altered files had different extensions to hide the fact that they’re graphics files. 

Find the C08carve.dd file in your work folder. This image file is a new drive acquisition the IT staff made. The CEO wants to know whether any similar files on this drive match the files you recovered from the first USB drive. Because you know that the files you recovered earlier have zzzz for the first 4 bytes, you can use it as your search string to see whether similar files are on this drive. 

1. Start Autopsy for Windows and click the Create New Case button. In the New Case Information window, type C08carve in the Case Name text box, and click Next. In the Additional Information window, type the date in the Case Number text box and your name in the Examiner text box. Click Finish.

2. In the Select Data Source window, make sure the select data source type is Disk Image or VM File and then click the Browse button, navigate to your work folder, click c08carve.dd, and then click Open. Then click Next. In the configure Ingest Modules window, click Next, and click Finish in the Add Data Source window.

3. Next, click the Keyword Search down arrow. In the text box, type zzzz, click the Exact Match option button, and then click Search.

4. Click each file in the search results to display its contents. If the file contains zzzz at the beginning of the sector, right-click the file, point to Tag File, and click Tag and Comment. In the Comment text box, type Similar file, and then click OK.

5. Click the gametour5.exe file. Ctrl+click to select gametour2.exe, gametour3.exe, gametour4.exe, and gametour6.exe. Right-click the selection, point to Tag Files, and click Tag and Comment. In the Comment text box, type Additional similar files, and then click OK.

6. Click Generate Report. Click the Results – Excel option button for the report format, and then click Next. Click All Results, and then click Finish. Click the report link and examine your report in the browser window that opens. 

https://drive.google.com/file/d/1TbvwaupJNh9dTwcrR_z15XHHv9S9ysuO/view?usp=drivesdk

Have a similar assignment? "Place an order for your assignment and have exceptional work written by our team of experts, guaranteeing you A results."

Order Solution Now

Our Service Charter

1. Professional & Expert Writers: Eminence Papers only hires the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed of papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by Eminence Papers are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. Eminence Papers are known for the timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit in all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: At Eminence Papers, we have put in place a team of experts who answer all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.

Menu
Free resources
 
Dissertation help
 
Email
info@eminencepapers.com
Office Address: 2066 N Capitol Ave, San Jose, CA 95132, United States
eminencepapers.com ©2023 All rights reserved. Terms of usePrivacy Policy Revision PolicyMoney Back Guarantee | Plagiarism Free Guarantee
We Can Write It for You! Enjoy 20% OFF on This Order. Use Code SAVE20
Get my 20% OFF!

Stuck with your Assignment?

Continue Shopping
Enjoy 20% OFF Today
Use code SAVE20