Assessment Answers : Career Management Skills COM733

Page 1 of 18
Module: COM733 Advanced Ethical Hacking
Assignment: Assignment 2
Page 2 of 18
Table of Conten …

Preview text

Page 1 of 18
Module: COM733 Advanced Ethical Hacking
Assignment: Assignment 2
Page 2 of 18
Table of Contents
Introduction: ………………………….. ………………………….. ………………………….. ………………………….. …. 3
Process to access the lab: ………………………….. ………………………….. ………………………….. ……………. 3
Pe rforming Lab Activity: ………………………….. ………………………….. ………………………….. ……………. 6
Relation of the Lab with Ethical hacking: ………………………….. ………………………….. ……………….. 14
Knowledge gained from the LAB: ………………………….. ………………………….. ………………………….. 15
Conclusion: ………………………….. ………………………….. ………………………….. ………………………….. … 16
References: ………………………….. ………………………….. ………………………….. ………………………….. …. 18
Page 3 of 18
The aim of this report is performing an immersive lab and make a report according to that. The
immersive labs can empower the business to develop skills continuously included ethical
infrastructure hacking and ethical web hacking, IoT or firmware security and reverse engineering
along with advanced cyber warrior CTF challenges for government, defence, enterprises and law
enforcement organisations [1] . The immersive lab is completely free and easy to use. In the lab
Windows forensics will be performed and the process to access the lab will be provided. Most
importantly the entire process of performing the lab will be provided in this report and then the
results will be analysed accordingly. The forensic experts, work in a way that is subseq uently
accepted by the court and the method is for find ing out what has changed with a computing
device and who is responsible for this change. In addition to finding evidence, this computer
forensic method also ensures how to properly record and store dat a from a chain of evidence.
Process to access the lab:
The first step is to go to the link of immersive lab: ( )
(Fig 1 – Immersive Lab signin) – Created by Author)
The next step is to sign in to the lab:
Page 4 of 18
(Fig 2 – Immersive Lab signin) – Created by Author)
The next step is to go to the labs:
(Fig 3 – Immersive Labs) – Created by Author)
Page 5 of 18
For finding the labs with difficulty of more than 6, filter needs to be applied as per below given
(Fig 4 – filter ap plied to Immersive Labs) – Created by Author)
Windows forensics has been selected with difficulty level of 6:
Page 6 of 18
(Fig 5 – Lab selected) – Created by Author)
Performing Lab Activity:
An object that has a forensic value is called a forensic artifact. The prim ary duty of this object is
to provide accurate evidence of an event. Examples of such objects are registry logs, hives, etc.
This Windows artifact analysis can be used to gather information about Windows. For
Examples – Recycle Bin, Windows Error Reporting Forensic Or WER, Browser, Remote Desktop
Protocol Or RDP Cache, etc [2] . For forensic analysis, some special data can be found in
Windows Recycle Bin. Windows has files like $ R or $ I to retrieve deleted files or metadata. $ I
parse tool can be used to re -download all this data. Web browser plays a very important role in
conducting investigations. Information about all website data and downloaded information from
web browser navigation and cookies. All of this information can open a special path during
for ensic investigations. One of the specialized branches of forensic science is computer
forensics. This method is usually used for computer exploratory analysis.
The lab has been started:
(Fig 6 – Loading the lab) – Created by Author)
Autopsy tool opened for analysis:
Page 7 of 18
(Fig 7 – Autopsy tool interface) – Created by Author)
Opening the IML forensics case:
(Fig 8 – Autopsy tool interface) – Created by Author)
Case opened in Autopsy:
Page 8 of 18
(Fig 9 – IML forensics case) – Created by Author)
Acquisition details of the evidence file:
(Fig 10 – Acquisition details of the evidence file) – Created by Author)
Details found about the evidence file:
Name /img_immersiveimage.E01
Page 9 of 18
Type E01
Size 136256159744
MD5 b57a85355ee85ca8e375df84ba8a8bbf
SHA1 Not calculated
SHA256 No t calculated
Sector Size 512
Time Zone UTC
Acquisition Details Unknown
Device ID bbe9f413 -5162 -42ec -9066 -bc1aaee256f1
Internal ID 1
Local Path C: Users Administrator Desktop Images immersiveimage.E01
Questions need to be answered:
(Fig 11 – Questions need to be answered) – Created by Author)
Page 10 of 18
Question 1: Looking at the Web History results, how many events are found?
Ans: 1338
(Fig 12 – web history results) – Created by Author)
From the above given image it can be seen that there are 1338 events in the web history results.
Question 2: Looking at the EXIF metadata, what is the device model for the image ‘Hack –
Page 11 of 18
(Fig 13 – device name) – Created by Author)
From the above image it can be seen that Canon EOS 500D is the device model for the image
‘Hack -Messages[1].jpg’ .
Question 3: Looking at Recent Documents, how many files contain ‘Secret’ in their name?
Ans: Three
Page 12 of 18
(Fig 14 – recent documents ) – Created by Author)
From the above image it can be seen that there are 3 files contain ‘Secret’ in their name in recent
Question 4: Using the Data Source View, what is the six character token in the file
Ans: 93yf2h
(Fig 15 – ‘Secret453.txt’ ) – Created by Author)
Lab Completed:
Page 13 of 18
(Fig 16 – Labs completed) – Created by Author)
The operating is a process of retrieving useful details from the OS of the mobile device or pc in
the question. The target of storing this detail is to accumulate the empirical proof against the
perpetrator. It is also a sof tware component of the computing system which is liable for the
coordination of activities and management. Thus, the OS forensic acts like a number for
application programs which is run on the machine. Also, it involves the forensic inspection of the
OS in the pc [3] . Basically, the used operating systems are Linux, Mac and Windows. The
investigators should understand the methodologies and commands which is used for process of
storing volatile and non -volatile data, key technical concepts, Windows registry analysis,
memory analysis, cookie, cache, history analysis, etc . [4] . the OS forensic is the collection of the
software which controls the functioning of its pieces and interfaces with the hardware, such as
processor memory, hard disk and lots of other com ponents.
Basically, the network forensics is the implementation of recording, sniffing, analysis and
acquisition of the network traffic to investigate the network security incident. Collecting network
traffic over the network is easy but complex in practi ce due to many inherent reasons like the
complex nature of internet protocols and huge amount of data flow [5]. Due to the huge volume,
it is also not possible to record all data flowing into the network. Thus, the recorded data requires
to be backed up fo r future analysis and free recoding media. Normally, record the data is time –
consuming and very vital task. Usually, it is an ongoing process that returns the results
Page 14 of 18
simultaneously, so that the operators and system can answer to the attacks quickly. It is also a
type of analysis which completed for the ongoing process. if the administrators or investigators
locate the attack immediately, this analysis will be more important. Also, the administrators can
go into the log files to evaluate the attack.
Relati on of the Lab with Ethical hacking:
The windows forensics is directly related to the ethical hacking and cyber security. The main
purpose of this method is to retrieve and preserve information in such a way that it can later be
presented in court as accura te evidence against a crime. That is, forensic experts, work in a way
that is subsequently accepted by the court [6] . This method is to find out what has changed with
a computing device and who is responsible for this change. In addition to finding evidenc e, this
computer forensic method also ensures how to properly record and store data from a chain of
evidence. Nowadays the number of cybercrimes has increased so much that it has become
necessary to prevent and investigate. Computer forensics is a system t hrough which any
cybercrime -related crime can be investigated. That is, computer forensics is a method that is
capable of solving any complex computer -related problem. The windows forensic analysis can
be quite overwhelming to see a huge amount of the data which requires to assuming and
collecting. Basically, it aims on 2 things –
1. Analysis of windows system artifacts
2. In-depth analysis of windows operating system
The windows artifacts are the objects that capture the details about the activities which is
per formed by the Windows user. The type of the location and details of the artifacts differs from
one operating system to another. It also retains the sensitive details which is analyzed and stored
at the time of the forensic analysis [7] . The forensic artifa cts are the forensic objects which have
several forensic values. Any object which remains some evidence or data of something that has
occurred such as register, logs, hives and many more.
In the present age, every person has become completely dependent on the internet or online
management. However, we have already realized that this dependence is not a cause for much
relief. Everyone knows that not everyone is in favour of obeying the law or following the path of
truth. And everyone knows that the potentia l of these rogues is in the digital world. If any kind of
Page 15 of 18
crime occurs in the digital world, then digital methods have to be adopted to find out the
investigation of that criminal activity. One such method of conducting computer investigations is
computer forensics. With the help of this method, computer forensic experts collect data
evidence as well as analyse and store it [8]. Nowadays, evidence obtained from computer
forensic systems is used for court work, including abuses against women and child pornog raphy.
Forensic experts are more empowered to reduce the risk of evidence proving.
Knowledge gained from the LAB:
Windows forensic is nothing but the process of investigation in windows after a cyber threats to
find the process of cyber attack, intention , affected files and many more things. Because of
increasing of the cyber threats day by day in the whole world the companies have to always alert
and have to set the plan that how to prevent the cyber attack and secure their data. The main
purpose of windo ws forensic is nothing but to grab a detail and huge knowledge of windows
operating system [9] . A student of digital forensic is able to know a lot of things and also able to
gather a vast knowledge about the digital forensic investigation like how to anal yze the whole
thing of a cyber attack, how to get back the data that are loosed in the cyber attack, how to
recover affected files and data and many more things related to digital forensic through the
windows forensic program. There are various steps that are taken by the experts in the time of
windows forensic investigation: –
1. First step is to analyses the whole scene of the cyber attack. In this step the investigator tries to
find the techniques and pathway of the cyber attack . The investigators try to find the tools and
technology also that are used by the cyber criminal or the attacker.
2. In the second step the investigator creates the whole scene of the cyber attack in a controlled
or in a virtual environment so that the i nvestigator can observe the each and every steps of
attacker that are taken in the cyber attack.
3. The investigator find the corrupt file or affected files to find the malware or viruses and the
investigator also finds the way of recovering data [10] .
4. The investigators also run some bug bounty program in the affected system to locate the
vulnerability or bugs of the system and they try to remove them.
Page 16 of 18
There are various benefits available of windows forensic that are: –
1. A proper windows forensic can help a organization in various field. The company who are
using windows operating system can reduce the possibility of cyber attacks with the help of the
professional who are expert at the filed of windows forensic.
2. The process of windows forensic can also aware the company or the user to check and
optimize all types of data that are received in the system or transferred from the system. The step
of optimization helps a company to monitor and block the corrupt files or malicious data that
attempts to e nter the system.
3.with the help of windows forensic a company is able to know the trends of cyber attacks and
their procedure in present time. So that the company can prepare a proper plan and strategy for
the upcoming cyber attacks or data breaches in their system.
4. A proper data analysis is also the part of digital forensic and this step the company can
monitor the previous attacks on other system and can also see the prevention or detection system
of others. So that can the company can handle the s ituation in a very efficient way
5.a windows forensic also helps the digital forensic investigator or the cyber security
professional to know the functionalities, file encryption technology, security, server and many
more things of a windows operating sys tem.
6.with the proper windows forensic investigation a company can get back their all lossed data in
the cyber attack and in many of the case the forensic investigators are able to also recover the
affected files.
7. Microsoft company is also helped by a proper windows forensic investigation. Because with a
full windows forensic investigation their is a chance of find a new bugs or a new vulnerability
which can help the Microsoft company to make better the security of their windows software.
Thus, it can be concluded from the report that in this paper digital forensics lab has been
performed and the screenshots and steps to perform the lab has been provided. The main focus of
cyber security is the process to protect the system. The ethical ha cking is a part of cyber security
Page 17 of 18
that basically deals with finding vulnerabilities in the system as well as solving the issues before
any kind of black hat hacker or malicious hacker will exploit that.
Page 18 of 18
[1] Alendal, Gunnar, Geir Olav Dyrkolbotn, and Stefan Axelsson. “DIGITAL FORENSIC
International Conference on Digital Forensics, pp. 3 -19. Springer, Cham, 2021.
[2] Alrajeh, Dalal, Liliana Pasquale, and Bashar Nuseibeh. “On evidence preservati on
requirements for forensic -ready systems.” In Proceedings of the 2017 11th Joint Meeting on
Foundations of Software Engineering, pp. 559 -569. 2017.
[3] Ariffin, Aswami, K -KR Choo, and Zahri Yunos. “Forensic readiness: A case study on digital
CCTV systems antiforensics.” In Contemporary Digital Forensic Investigations of Cloud and
Mobile Applications, pp. 147 -162. Syngress, 2017.
[4] Liu, Changwei, Anoop Singhal, and Duminda Wijesekera. “Identifying evidence for cloud
forensic analysis.” In IFIP International C onference on Digital Forensics, pp. 111 -130.
Springer, Cham, 2017.
[5] MacDermott, Aine, Thar Baker, and Qi Shi. “Iot forensics: Challenges for the ioa era.”
In 2018 9th IFIP International Conference on New Technologies, Mobility and Security
(NTMS), pp. 1 -5. IEEE, 2018.
[6] Naqvi, Syed, Peter Sommer, and Mark Josephs. “A research -led practice -driven digital
forensic curriculum to train next generation of cyber firefighters.” In 2019 IEEE Global
Engineering Education Conference (EDUCON), pp. 1204 -1211. IEEE, 2019.
[7] Philomin, Sebastien, Avinash Singh, Adeyemi Ikuesan, and Hein Venter. “Digital forensic
readiness framework for smart homes.” In International Conference on Cyber Warfare and
Security, pp. 627 -XVIII. Academic Conferences International Limited, 2020.
[8] Powell , Ashleigh, and Cydnee Haynes. “Social media data in digital forensics
investigations.” In Digital Forensic Education, pp. 281 -303. Springer, Cham, 2020.
[9] Quick, Darren, and Kim -Kwang Raymond Choo. Big Digital Forensic Data: Volume 2:
Quick Analysis for Evi dence and Intelligence. Springer Singapore, 2018.
[10] Sadineni, Lakshminarayana, Emmanuel Pilli, and Ramesh Babu Battula. “A holistic
forensic model for the internet of things.” In IFIP International Conference on Digital
Forensics, pp. 3 -18. Springer, Cham, 2 019.

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
The price is based on these factors:
Academic level
Number of pages
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more