SIT282 Multimedia Steganography Assignment Sample

• Subject Code : SIT282
• University : Deakin University My Assignment Services is not sponsored or endorsed by this college or university.
• Subject Name : IT Computer Science

Computer Crime and Digital Forensics

1. Explain how you downloaded the file, what precautions you took, and how you ensured its integrity. (Two mark)

I downloaded the Zip file from the link http://www.deakin.edu.au/~zoidberg/2019A02.zip.

This site was secured and allowed me confirm before downloading the content and I was able to get the file by proceeding to my required page. Keeping data integrity involves the steps we take to secure the information or data in the files. This folder was secured and encrypted using a pass code. Encryption is one of the most acceptable and widely adopted method for maintaining data integrity.

2. Describe how you decrypt the two given NTLM hash values by using OphCrack including screen shots. (4 marks)

D6A21EA26063C42FC9876E4B0C51BC82:CA72B189F412A384D96B785A08176773

And

8282461A2BDAF626E6067B973FDDC643:5C305D4616C7571D5DDC6EEA5BA5C395

3. Describe the process that you apply to open the downloaded file. Describe whether there is a relationship between this process and the information obtained in Step 2. (Four marks)

1. I visited the provided site for data acquaintance.

2. I proceeded and confirmed the site for downloading the file.

3. I observed that there is no

4. Describe the actual content of the encrypted file that you identified in Step 3. If there are multiple files, list their file names, types and MD5 hash values. Describe the visual contents in each file. (Four marks)

5. What tools will you now use to proceed your investigation and why? (Two mark)

1. FTK Imager:

The Forensic Toolkit (FTK) is a software package developed by Access Data for computer forensic investigations. It searches for various things on a hard disc. For example, you can find lost emails and search for content strings on the disc. This will then be used to crack every encryption as a hidden keyword. A separate disc imaging software called an FTK Imager is implemented in the toolbox. It stores a hard disc file into one of more records which can be later recreated. It measures MD5 hash values and checks the completeness of the details before the documents are locked. The result is a photo file(s) that can be stored in various formats.

There are a few characteristics, which distinguish FTK from the rest of the pack. Success is first. The only forensic programme uses multi-core CPUs to evaluate behaviour while subscribing to a distributed processing strategy. This results in a significant output improvement, which can be decreased by 400% relative to other resources in some situations, according to FTK’s documents.

The use of a shared case index is another special function of FTK. FTK only uses a single master archive with one event, rather than providing several working versions of data sets. This encourages members of the team to interact more successfully and save precious money. The use of the database also provides consistency, and FTK’s database makes the persistence of data accessible even if a programme crashes, as does other forensic software, which relies only on memory and is vulnerable to crash.

2. Encase:

Encase is the undisputed heavyweight of the forensic software industry and version 5.0 offers a number of new capabilities that make its opposition steadfast. Increased GUI is the most urgent improvement. Menus were restructured and some panes were enhanced. The new arrangement took a little longer but it certainly felt simpler and more refined to use and all our sourcing and research practises were completed quickly. Other new features include much improved support for web caching encoding from various web browsers, reading popular mailbox formats and accessing Linux Live info. EnCase has helped the widest range of industry file systems before, but now it is able to read TiVos and overcome symbolic connexions in Unix file systems more technically.

The software's sophistication is important. The vast array of instruments means that it is no mean feat because of the commodity. You really need the fantastic teaching in Instruction. It will be risky to get away in half-cock, since lawyers in the prosecution already know the product now and target any suspected faults. Encase does not have a software feature, but its active user community, which includes scripts, helps other forensic researchers with issues and discuss best practise in user forums. This can be a critical factor in separating leaders from the rest of the industry in every business sector, and the Guide has endorsed this. Encase might suffer from its own success, and was commonly used by forensically inspectors in policing and the private sector.

Remember, at the center of any academic work, lies clarity and evidence. Should you need further assistance, do look up to our Computer Science Assignment Help