The Mumbai University Digital Forensics Honours Exam paper for May 2024 evaluates students on key concepts in digital forensics. Topics include hacker definitions, challenges in handling digital evidence, and volatile data from routers. The exam also covers the incident response process and mobile forensics tools. Designed for honours students, this paper provides a comprehensive assessment of digital forensic methodologies and practices.

Key Points

  • Defines hackers, crackers, and phreakers in digital forensics.
  • Discusses challenges in managing digital evidence during investigations.
  • Explains volatile data collection from routers in forensic contexts.
  • Describes the staircase digital investigation process model.
devika mestri
1 page
Language:English
Type:Past Paper
Exams
devika mestri
1 page
Language:English
Type:Past Paper
Exams
247
/ 1
l
I
r-
,
Paper
/ Subjecf
Code:
48845
/ Digital
Forensic
il
i''
,'
L'.,
-l
t-t
,l
';,,:
a
-.t
I
l-/
-
-
_-)
(3
Hours)
i- i
I -.
),2'
I
Page
I
of I
x822y 4622EF
X822y
4
6228 I
X
8
2 2
y462
2
E FX
8 2
2
y46
2 2
E F
"-
-'
,,' .t
..
[Total
Marks:
80]
1.
N.B.:
(1)
Question
No.
t is
compulsory.
(2)
Solve
any
three
questions
out
of remaining
fir,e.
(3)
Figures
to right
indicate
full
marks.
(4)
Assume
suitable
data
rvhere
necessary.
(a)
Define
hackers,
crackers
and
phreakers.
(b)
Discuss
in detail
the
challenges
in handling
digital
evidences.
(c)
what
volatile
data
can
be
obtained
iiom
the
investigation
of
rourers.
(d)
Describe
the
staircase
digital
in'esrigation
process
model.
(a)
Explain
the
role
of the
forlowing
tools
in
digital
forensics:
i)
netstat
ii)
psloggedon
iii)
tcptrace
iv)
netcar
v)
crlptcat
(b)
Explain process
of
live
data
collecti,rn
from
Windows
system
in
detail.
(a)
What
is
an incident
response
(IR)?
I)escribe
phases
of IR process
in
dctail.
(b)
Describe
the various
types
of network
monitoring
techniques
for
data
and
evidence
collection.
(a)
Whqt
is
Mobile
Forensics?
What
are
different
Mobile
Forensic
toois?
Explain
(b)
What
is the
significance
of
commanrl-line
utility
dd
in
unix?
Enumerate
rhe
steps
lor
Simple
Forensics
imaging
with
dd,
(a)
What
is
network
forensics?
What
is the
standard
procedure
used
for
nerwork
forensics.
(b)
Fxplain
guidelines
for
incident
report
writing.
Give
one
report-writing
example.
Write
short
notes
on
(any
4)
(a)
Incidentresponsemethodology.
(b)
Preventive
measures
for
cybercrime
(c)
Digital
Forensic
Methodology.
(d)
Role
of Windows
registry
in
collectrng
forensic
evidence.
(e)
E-mail
forensic
investigation
methocls.
Isl
tsl
lsl
lsl
I
101
[101
I
l0l
I
l0l
It0l
Il0l
I
l0l
Il0l
lsl
tsl
Isl
Isl
lsl
56423
/ 1
End of Document
247

You May Also Like

FAQs

What are the main types of hackers mentioned in the exam?
The exam outlines three primary types of hackers: hackers, who exploit systems for ethical reasons; crackers, who break into systems for malicious purposes; and phreakers, who manipulate telecommunications systems. Each type plays a distinct role in the landscape of cybersecurity and digital forensics, highlighting the importance of understanding their motivations and methods.
What challenges are faced in handling digital evidence?
Handling digital evidence presents several challenges, including the volatility of data, the need for proper chain of custody, and the potential for data alteration. Investigators must ensure that evidence is collected and preserved in a manner that maintains its integrity. Additionally, the rapid evolution of technology can complicate the identification and analysis of digital evidence.
What is the significance of volatile data in digital forensics?
Volatile data, such as data stored in RAM, is crucial in digital forensics as it can provide real-time information about system activity. Investigators can recover user sessions, running processes, and network connections from volatile memory. This data is often time-sensitive, making it essential to capture it promptly during an investigation to build a comprehensive understanding of the incident.
What does the staircase digital investigation process model entail?
The staircase digital investigation process model is a structured approach to digital forensics that emphasizes a step-by-step methodology. It includes stages such as preparation, identification, collection, examination, analysis, and presentation of evidence. Each step is designed to ensure thoroughness and accuracy, helping forensic investigators to systematically address complex digital incidents.

Related