Question
##there are 10 questions to be complete in this lab## Access Data Forensics Training Manual : labs on 327, 334 to 337, 340, 342, 344,
##there are 10 questions to be complete in this lab##
Access Data Forensics Training Manual: labs on 327, 334 to 337, 340, 342, 344, 346, 350 to 351 (2013 Version)
Associated Reading in Training Manual: pages 308 to 326 (2013 Version)
I. Special Instructions for EXPLORE TAB AND QUICKPICKS lab (page 327):
In step #2, open the image file Mantooth.E01
All files with QuickPicks selected will be listed in the File List in the bottom left pane
Questions to Answer from Lab I:
1-What is the purpose of using QuickPicks in FTK?
II. Special Instructions for OVERVIEW TAB AND FILE CONTENT VIEW OPTIONS lab (pages 334-337):
Continue using the Mantooth.E01 image file
In Part 4: step #3, Create a Bookmark for the Dear Sweetie.doc file by highlighting the file and then clicking the Bookmark button in the File List toolbar. After entering the bookmark information, select Student under Select Bookmark Parent. Click OK.
At the end of this lab, you should see the Bookmark for the Dear Sweetie.doc document when you expand the Bookmarks category
Questions to Answer from Lab II:
2-In Part 5: step #5, What type of file is Secure2[1].gif?
3-How does FTK know that the .gif extension is a Bad extension or has been changed?
III. Special Instructions for EMAIL TAB lab (page 340):
Continue using the Mantooth.E01 image file
Questions to Answer from Lab III:
4-In step #6, in what window can you see the content of the email attachments?
5-What tab can you use to view the Email header information?
IV. Special Instructions for GRAPHICS TAB lab (page 342):
Continue using the Mantooth.E01 image file
In step #3, you must select the Evidence item at the top of the list before clicking QuickPicks
In step #8, turn on QuickPicks for the Documents folder only
Questions to Answer from Lab IV:
(none)
V. Special Instructions for VIDEO TAB lab (page 344):
Continue using the Mantooth.E01 image file
Complete all the lab steps as listed
Questions to Answer from Lab V:
6-Describe the scene that you observe when you play the happy.mpeg file.
VI. Special Instructions for BOOKMARKS TAB lab (page 346):
Continue using the Mantooth.E01 image file
Once again, you should see the Bookmark for the Dear Sweetie.doc document
Questions to Answer from Lab VI:
7-What is the purpose of creating a Bookmark in FTK?
VII. Special Instructions for LIVE SEARCH AND INDEX SEARCH TABS lab (pages 350 351):
Part 1: Live Search Tab
Continue using the Mantooth.E01 image file
In step 4, choose the Credit Card Standard, then Add, and then Search
Part 2: Index Search Tab
Continue using the Mantooth.E01 image file
In step 3, double-click on Washer in Search Terms
Questions to Answer from Lab VII:
8-What results did the Index Search for washer return?
9-How is FTK able to locate all Credit Card numbers in a forensic image?
10-What is the difference between a Live Search and an Index Search?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Structured Search For Big Data From Keywords To Key-objects
Authors: Mikhail Gilula
1st Edition
012804652X, 9780128046524
