Week3_LabHandOut-4 Submit

School: University of Technology Sydney
Course: 48436
Subject: Computer Science
Date: Apr 3, 2024

Lab handout can be discussed with a team. Answers should be submitted individually. No copy-pasting.
Due: By the end of your lab today.
Total Marks 24. Weightage 3% of the total assessment.

Computer Fundamentals

1. What is the binary equivalent of the hexadecimal number ABCD? [2 Marks]

1010101111001101

2. Suppose a suspect’s computer stores data in little-endian. You are investigating this computer and found the hexadecimal values “A1”, “B2”, “C3”, and “D4” at memory addresses “a”, “a+1”, “a+2”, and “a+3” respectively. If these four values are part of a 32-bit integer (decimal number), what is the decimal equivalent of the integer? Explain the steps you used to obtain your answer. You can use any online tool (such as https://www.rapidtables.com/convert/number/hex-to-decimal.html) to convert a hexadecimal number to a decimal integer. [3 Marks]

• Firstly convert hexadecimal to binary: A1 = 10100001, B2 = 10110010, C3 = 11000011, D4 = 11010100
• Then convert binary to decimal:
  o 10100001 = 161
  o 10110010 = 178
  o 11000011 = 195
  o 11010100 = 212
• Adding these decimals together:
  o 161 + 178 + 195 + 212 = 746.

13. The following questions are based on the lab computer in front of you

(i) What information can you ascertain by right-clicking on a file and viewing the properties? [2 Marks]

  o General: Kind, Size, Where, Created, Modified
  o More info:
  o Name & Extension:
  o Comments:
  o Open with:
  o Preview
  o Sharing & Permissions

(ii) What are the active processes and services you see on your computer? How did you get them (Hint: Windows Task Manager)? [2 Marks]
My active processes are:
• Google Chrome – using the Canvas site and entertainment
• Notes: note the lecture contents
• Microsoft Word – complete homework like the handout
• Finder – finding docs and stored files
• Microsoft Outlook – tracking mails
• Activity Monitor – answering this question

(iii) Open Windows Command Prompt (CMD) and run the command wmic OS get localdatetime. What information can you gather from the output? Now, run the command Tzutil /g. After running this command, what did you learn about Sydney time with respect to GMT? [3 Marks]

Note: The WMIC command will always return the complete current date and time in the format YYYYMMDDHHMMSS.milliseconds+GMT_Offset_in_minutes (See this https://mivilisnet.wordpress.com/2019/03/28/current-date-and-time-using-wmic/)

After the first command: 20240306160302.724000+660
After the second command: AUS Eastern Standard Time

14. You are given six different files which can be downloaded from this Dropbox location https://www.dropbox.com/sh/4fx06z1z32iwjda/AADJsOf-1NGDR8p9b4jWd4xna?dl=0. You are told that each of these files is either a word file, an excel file, or an image file. What is the content of each file? Explain how you opened each file, and how the name of a file helped you. [6 Marks]

• F.xlsx: I couldn’t open it. The name of the file let me know it is an Excel document.
• E.jpg: Blank figure with the number 3 in the top right corner. I clicked the file. The name of the file let me know it is an image file.
• D.docx: I couldn’t open it. The name of the file let me know it is a Word document.
• C.xlsx: I couldn’t open it. The name of the file let me know it is an Excel document.
• B.xlsx: Blank document with a ‘2’ in the top right corner. I clicked the file. The name of the file let me know it is an Excel document.
• A.docx: Blank document with a ‘1’ in the top right corner. I double-clicked the file. The name of the file showed me it is a Word document.
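Added example (not part of the original handout or submission): a parser for the wmic OS get localdatetime output format described in the note to question 13(iii), turning the recorded value into a timezone-aware timestamp and its UTC equivalent. The function names are hypothetical, and the six fractional digits are treated as microseconds.

```python
import re
from datetime import datetime, timedelta, timezone

# Value printed by `wmic OS get localdatetime`:
# YYYYMMDDHHMMSS.ffffff followed by a signed UTC offset in minutes.
_CIM_RE = re.compile(r"^(\d{14})\.(\d{6})([+-])(\d{3})$")


def parse_wmic_localdatetime(value: str) -> datetime:
    """Return a timezone-aware datetime for a WMIC localdatetime string."""
    m = _CIM_RE.match(value.strip())
    if m is None:
        raise ValueError(f"not a WMIC localdatetime value: {value!r}")
    stamp, fraction, sign, minutes = m.groups()
    offset = timedelta(minutes=int(minutes))
    if sign == "-":
        offset = -offset
    # strptime also rejects impossible dates such as month 13.
    local = datetime.strptime(stamp, "%Y%m%d%H%M%S")
    return local.replace(microsecond=int(fraction), tzinfo=timezone(offset))


def describe(value: str) -> dict:
    """Summarise what an examiner records: local time, offset, UTC time."""
    local = parse_wmic_localdatetime(value)
    return {
        "local": local.isoformat(),
        "utc_offset_hours": local.utcoffset().total_seconds() / 3600,
        "utc": local.astimezone(timezone.utc).isoformat(),
    }


if __name__ == "__main__":
    # Value recorded in the answer to question 13(iii).
    for key, val in describe("20240306160302.724000+660").items():
        print(f"{key}: {val}")
```

The +660 in the recorded value is UTC+11, which is daylight-saving time in Sydney, while tzutil /g prints the Windows time zone ID, which does not change between standard and daylight time.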
15. Assume that you are a police officer who is attending a crime scene. At the crime scene, you found a computer running. You have to take the computer to a forensic lab for further processing.

Case A [Pull the Plug]: You shut down the computer by pulling the plug. Before pulling the plug, you saw a message “Bob has killed me” on an open file A.txt (which is displayed on the screen). You told this to your colleagues in the forensic lab. When they restarted the computer, they also found the file A.txt. But, they found the content of the file as “Bob has”. In a further analysis, they found that the computer has not been corrupted due to the “pull the plug” activity. What could have gone wrong here? [2 Marks]

Should the computer have been corrupted as a result of unplugging it, any potential evidence of the sentence "Bob has killed me" in the open file would have been erased from RAM. Consequently, it might have been a crucial piece of information that revealed the POI and potential motivations.

Case B [Proper Shut Down]: Assume that, as an alternative, you gracefully (properly) shut down the computer by going through the shutdown menu provided by Windows OS. In that process, you made one mouse click. Do you think there will be any change in the computer after the click? If so, what can have happened? You can see this video to answer this question https://canvas.uts.edu.au/courses/30851/modules/items/1621862 [2 Marks]

The operating system might have been alerted to shut down by the mouse click. Perhaps the shutdown menu was disregarded as a result of this. Because it is volatile data, the live data might have also been lost throughout the process.

In your opinion, which of the two cases (Case A and Case B) is better for forensics? Justify your answer. [2 Marks]

Both cases carry the risk of losing potentially significant data. Case A, on the other hand, avoids the possibility of file authenticity and modification by not requiring any interaction with the file.