11 Sep Conducting Forensic Investigations on Windows Systems

Locate and complete Lab 5: Conducting Forensic Investigations on Windows Systems. Upon completion of Section 2 of the lab, you are required to provide the deliverables listed below.

Note: You do not have to complete Section 3 of the lab.

1. Include the Lab Report file with the following screen captures:

· properties window for the process you selected,

· Listening Ports list,

· information about the C: drive,

· information about the vWorkstation’s usn journal,

· file path for the yourname.txt file,

· vWorkstation Windows installation timestamp in a human-friendly format,

· key values for the vWorkstation’s default network interface,

· Winlogon key values,

· ShellBags key value,

· RecentDocs key values,

· the Sorted Files,

· contents of the 777.jpg file in the Document View,

· 777.lnk file contents including the path to the file in the system,

· installation files for suspicious apps in the Downloads category,

· VPN application (Speedify) in the Uninstall folder,

· users list,

· contents of the Beverly Gates / Run folder,

· at least one suspicious browsing record found in the History sub-node, and

· at least one suspicious search found in the Keywords sub-node.

When you have completed the lab, click the “Download Lab Report as PDF” icon, located in the top right corner of the lab (as shown below):

(as shown below):

2. Save the following file downloaded from the virtual environment:

· yourname_lab5_ windows_forensics.pdf

3. Upload the PDF Lab Worksheet in the Blackboard course.

Lab 6 assignment: Conducting Forensic Investigations on Linux Systems

Locate and complete Lab 6: Conducting Forensic Investigations on Linux Systems. Upon completion of Section 2 of the lab, you are required to provide the deliverables listed below.

Note: You do not have to complete Section 3 of the lab.

1. Include the Lab Report file with the following screen captures:

· contents of the /bin directory,

· contents of the /etc directory,

· contents of the /var directory,

· contents of the /proc directory,

· results of the dmesg command,

· results of the fsck command,

· results of the history command,

· running processes,

· results of the file command,

· records in the kern.log file, and

· records in the auth.log file.

When you have completed the lab, click the “Download Lab Report as PDF” icon, located in the top right corner of the lab (as shown below):

2. Save the following file downloaded from the virtual environment:

· yourname_lab6_ linux_forensics.pdf

3. Upload the PDF Lab Worksheet in the Blackboard course.

4. Then, write one page that discusses the elements listed below.

· Identify terms associated with incident response.

· Describe procedures for information systems control governance and policy enforcement.

· Describe system security related incidents.

Remember to include an introduction for the written portion of the paper. APA formatting is required, and citations and references for any paraphrased material should be present. A minimum of one reference is required for your assignment (it can be the textbook).

TEXTBOOK

Easttom, C. (2022). Digital forensics, investigation, and response (4th ed.). Jones & Bartlett Learning. https://online.vitalsource.com/#/books/9781284226065