WK5 Log Analysis Lab

School: SUNY Buffalo State College
Course: COMPUTER F
Subject: Information Systems
Date: Apr 3, 2024
Type: docx
Pages: 12
Uploaded by DeanField4049
Assignment Title: Week 5 Lab #4: Log Analysis
by Clifford Attaglo
clifford.attaglo@mymail.champlain.edu

By submitting this assignment, I acknowledge that I have read and agree to abide by the Champlain College Academic Honesty Policy. I declare that all work within this assignment is my own or appropriately attributed. I accept that failure to follow the academic honesty policy may result in a failure grade, or expulsion from Champlain College.

Date Due: 02/11/2024
Date Submitted: 02/10/2024

Configuration of Test Platform:
Host Name: VDI8FOR-14
Microsoft Windows 10 Enterprise 2016 LTSB
Version 10.0.14393 N/A Build 14393

Tool Used:
Microsoft Windows 10 Enterprise 2016 LTSB
Magnet AXIOM Examine

Steps Taken:
Open AXIOM Examine and select to open a case.
Browse to the AXIOM case file in the case folder and select it.
The case is now open in AXIOM Examine as shown below. From the AXIOM Window, click on “VIEW ALL ARTIFACT CATEGORIES” to see all artifacts and to browse through them.
The operating system version and build number is macOS 11.2.1 20D74, as can be seen from the screenshot below.
Operating System: macOS
Version Number: 11.2.1
Build Number: 20D74
iOS Support Version: 14.4

The user(s) associated with the operating system can be seen on the screenshot below.
Username: thisisdfir
  o User ID: 501
Username: Guest
  o User ID: 201

Logs stored within the \private\var\log\ directory include:
Network interfaces status.
Local system status.
Disk status.
Below are some screenshots from the artifacts.
Some of the information about the user(s) and system that can be determined from these logs is the user's MAC address, IP address, timestamps, the duration the user spent on the system, and the attached disks the user used, as can be seen from the screenshots above.

The duration of the system uptime on February 17, 2021 was 6 minutes, as can be seen from the screenshot below. This can be determined by browsing through the “Daily Log-Local System Status”. Other additional information that can be determined is the timestamp, which can also be seen on the screenshot.

The timezone associated with the system is America/New_York, as can be seen from the screenshot below. The artifact used to identify this from Magnet AXIOM Examine is Operating System Information – macOS.
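The uptime reading described above can be cross-checked outside the GUI. This is an added example, not part of the original report or of Magnet AXIOM: it assumes the "Daily Log" artifacts come from the periodic daily output file (daily.out) under /private/var/log, and the function names and sample text are hypothetical and constructed.

```python
import re
from datetime import timedelta
# Constructed sample in the layout of /private/var/log/daily.out (all values illustrative).
SAMPLE = """\
Wed Feb 17 10:41:07 EST 2021

Disk status:
Filesystem      Size   Used  Avail Capacity  Mounted on
/dev/disk1s5s1  80Gi   14Gi   42Gi    26%    /

Network interface status:
Name  Mtu   Network     Address            Ipkts Ierrs Opkts Oerrs Coll
en0   1500  <Link#4>    00:00:5e:00:53:01   1200     0   900     0    0

Local system status:
10:41  up 6 mins, 1 user, load averages: 1.52 1.10 0.48

-- End of daily output --
"""

RUN_HEADER = re.compile(r"^[A-Z][a-z]{2} [A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d \S+ \d{4}$")
SECTIONS = ("Disk status", "Network interface status", "Local system status")
UNITS = {"day": "days", "hr": "hours", "min": "minutes", "sec": "seconds"}

def parse_uptime(line):
    """Turn the 'up ...' phrase of BSD uptime(1) output into a timedelta (None if absent)."""
    m = re.search(r"\bup\s+(.*?),\s+\d+ users?", line)
    if not m:
        return None
    total = timedelta(**{UNITS[u]: int(n) for n, u in re.findall(r"(\d+) (day|hr|min|sec)s?", m.group(1))})
    hm = re.search(r"(\d+):(\d\d)", m.group(1))  # hours:minutes form, e.g. "1 day, 2:03"
    if hm:
        total += timedelta(hours=int(hm.group(1)), minutes=int(hm.group(2)))
    return total

def parse_daily_out(text):
    """Return one dict per periodic run: header timestamp, uptime, raw section lines."""
    runs, section = [], None
    for line in map(str.rstrip, text.splitlines()):
        if RUN_HEADER.match(line):  # date(1)-style line that opens each run
            runs.append({"started": line, "uptime": None, "sections": {}})
            section = None
        elif line.endswith(":") or line.startswith("-- End"):
            section = line[:-1] if line[:-1] in SECTIONS else None
        elif runs and section and line:
            runs[-1]["sections"].setdefault(section, []).append(line)
            if section == "Local system status":
                runs[-1]["uptime"] = parse_uptime(line) or runs[-1]["uptime"]
    return runs
```

Running `parse_daily_out` over an exported copy of the log gives one record per run, so the uptime and header timestamp for a given date can be compared against what the examiner read off the artifact view.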
From the BatteryLife artifacts on the system we can know the time zone in use at a particular time. There is a lot of information associated with the BatteryLife artifacts in AXIOM Examine: we can see com.apple.MobileSMS, com.apple.Photos, com.apple.Safari, and the list goes on and on. The logs pertaining to BatteryLife artifacts include PowerLog Application State, PowerLog Process Data Usage and PowerLog Timezone Information. Screenshots are provided below.