Assignment of Digital Forensics

Added on - 19 Nov 2019

Showing pages 1 to 4 of 18 pages
Solution

The GMER application [1] is used to scan the system to avoid rootkit problems. Rootkit problems are problems that aid an authorized user to obtain control. Arif's machine is scanned to detect rootkit problems. The GMER application detects even the rootkit problems that arise from hidden files.

Solution

Four types of logs were identified, listed as follows [2]:

  • AppEvent.Evt
  • Internet.evt
  • SecEvent.Evt
  • SysEvent.Evt

Log 1 - AppEvent.Evt

Application event logs record the events that happen on the system. All events are recorded, from the startup event to the shutdown event. Each record holds the event name, the event time and date, the event description, the event ID and the event source.

Log 2 - Internet.evt

Internet event logs are used to track the internet services of the user. It uses the Network Time Protocol to assist its work.

Log 3 - SecEvent.Evt

The security event log contains a record of the login attempts, whether successful or unsuccessful.

Log 4 - SysEvent.Evt

The system event log is slightly similar to the application event log. The difference between them is that it takes into account the event source along with the event ID.

Solution

The Windows security log [2] is used to track the details of the user who logged in. The IDs used for tracking are:

  • Windows Security Log Event ID 624
  • Windows Security Log Event ID 4722

It was also found that, under the ID 4720, a user account was created.
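The .Evt files listed above are legacy Windows event logs built from EVENTLOGRECORD structures, so records carrying the account event IDs named in the last solution can be recovered from a raw file or fragment by carving on the record signature and checking the repeated length field. The following is an added example, not part of the original assignment; the sample bytes, the host and account names and the event ID 528 record are constructed, and the sample leaves the SID, data and padding fields empty.

```python
import struct
from datetime import datetime, timezone

SIG = b"LfLe"                     # signature DWORD in every legacy .evt record
FIXED = struct.Struct("<6I4H6I")  # fixed 56-byte part of EVENTLOGRECORD
ACCOUNT_IDS = {624, 4720, 4722}   # event IDs named in the text above

def _wstr(buf, pos):
    """Read one NUL-terminated UTF-16LE string; return (text, next offset)."""
    end = pos
    while end + 2 <= len(buf) and buf[end:end + 2] != b"\x00\x00":
        end += 2
    return buf[pos:end].decode("utf-16-le", "replace"), end + 2

def carve_records(blob):
    """Find records by signature; keep those whose length is repeated at the end."""
    found, pos = [], blob.find(SIG)
    while pos != -1:
        start, nxt = pos - 4, pos + 4      # signature follows the Length DWORD
        if start >= 0 and start + FIXED.size <= len(blob):
            f = FIXED.unpack_from(blob, start)
            rec = blob[start:start + f[0]]
            if FIXED.size + 4 <= f[0] == len(rec) and rec[-4:] == rec[:4]:
                source, _ = _wstr(rec, FIXED.size)
                strings, p = [], f[11]     # f[11] = StringOffset
                for _ in range(f[7]):      # f[7] = NumStrings
                    text, p = _wstr(rec, p)
                    strings.append(text)
                found.append({"record": f[2], "event_id": f[5] & 0xFFFF,
                              "time": datetime.fromtimestamp(f[3], timezone.utc),
                              "source": source, "strings": strings})
                nxt = start + f[0]
        pos = blob.find(SIG, nxt)
    return found

def account_events(blob):
    return [r for r in carve_records(blob) if r["event_id"] in ACCOUNT_IDS]

def build_record(num, ts, event_id, source, strings):  # constructed sample data only
    w = lambda s: s.encode("utf-16-le") + b"\x00\x00"
    names = w(source) + w("HOST1")
    body = names + b"".join(map(w, strings))
    n, soff = FIXED.size + len(body) + 4, FIXED.size + len(names)
    return FIXED.pack(n, 0x654C664C, num, ts, ts, event_id, 8, len(strings),
                      0, 0, 0, soff, 0, soff, 0, n - 4) + body + struct.pack("<I", n)

# Constructed sample: 48-byte file header, two records, one truncated record.
SAMPLE = (struct.pack("<12I", 48, 0x654C664C, 1, 1, 48, 0, 3, 1, 0x80000, 0, 0, 48)
          + build_record(1, 1574121600, 528, "Security", ["alice"])
          + build_record(2, 1574121660, 624, "Security", ["newuser"])
          + build_record(3, 1574121700, 4720, "Security", ["x"])[:70])
```

The file header and the truncated third record both contain the signature but fail the length check, so only the two intact records are returned and `account_events(SAMPLE)` reports the single ID 624 record.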