The Mumbai University Digital Forensics Honours Exam paper for May 2025 assesses students' understanding of key concepts in digital forensics. Topics include incident response methodologies, digital evidence collection, and network forensics techniques. This exam paper is essential for students preparing for their honours degree in digital forensics, covering critical areas such as mobile forensics and the role of Windows registry in evidence collection. It provides a comprehensive overview of the subject matter necessary for success in the field.

Key Points

  • Covers incident response methodologies and their significance in digital forensics.
  • Explains the role of Windows registry in collecting forensic evidence.
  • Discusses various preventive measures for cybercrime and their importance.
  • Details live data collection techniques for Windows during digital forensic investigations.
  • Outlines network forensics procedures and standard practices for evidence collection.
devika mestri
1 page
Language:English
Type:Past Paper
Exams
devika mestri
1 page
Language:English
Type:Past Paper
Exams
246
/ 1
*Ttr
c
hcnau-^-3
-miv,o$)
f
sem
tD
f
A-tl
lFr/
-r::s
f
z-r*s-zo-zs
Paper
/ Subject Code:
48845
lprograms
nigit"r'ro."lnrn
qf(d'
.'
-
lA
O
g
g
6
1S
(3
Hours)
N.B.:
(1)
Question
No. 1 is cornpulsory.
(2)
Solve
any three
questions
out of
remaining
five.
(3)
Figures to right indicate full marks.
(4)
Assume suitable data where necessary.
Q.1
[Total
Marks: 80]
(a)
(b)
(c)
(d)
Q.2
(a)
Q.4
Q.s
(a)
CSIRT
(b)
Staircase
drgital
investigation
procesi
model.
(")
Cha[enges inhandling digital evidences.
(d)
NTFS
and
FAT
-r
(e)
hackers, crackers and Phreakers
Explain
the incidcnt
rcsporlsc methodology.
Describe the role of
Windorn,s registry in collecting
forensic evidence.
Discuss various
preventive
rneasrlres
for cybercrime.
Explaine-maiiforensicinvestigationmethods....
Describe tire various
types of nefivork rnonitoring
teci)niques
for data and evidence:
collection.
ri&atiis
incident and incideirt response?
Describe phases
oilR
process
in
{etail
\,
Descdbe in
detail live
data
coiiection techniques
for
Windows
during digital
forensic
lnvestlgatron.
Wrat is nefwork forensics?
What
is the
standard
procedure
used for network
forensics.
t10]
I
Explain
guidelines
for incident r@1
writing.
Give one report-writing
exarnple.
'
,
It
O]
What is Mobile Forensics?
\4rat
are
different
Mobile Forensic tools?
Explain
,
Briefly explain
the role of the
following
tools
in digital
forensics: i; netstat
ii)
psloggedon
iii) tcptrace iv) netcat
v) cryptcat
;
What is the significance
of
the corunand-line
utility
dd in
UND(?
Enumerate the
steps
for Simple Forensics imaging witir dd.
Write short notes on
(any
4)
t5l
l5l
t5l
t5l
t1
0l
[1
0]
ll
0l
(b)
Q.3
(a)
(b)
(a)
ib)
(a)
(b)
i[10]
ti0l
'
t10l
Q.6
tsl
t\t:r
isl
t5l
I5l
,k :1.,t
* * r(,F *
rr
*.{< d< *,k
*>F*++ *
85595
x822Y 7 1A7 4AX822Y7
I 07 4AX822Y7 rc1 4 AX822Y
7
r0'.7 4A
/ 1
End of Document
246

You May Also Like

FAQs

What are the key components of incident response methodologies?
Incident response methodologies involve a structured approach to managing and mitigating cybersecurity incidents. Key components include preparation, detection, analysis, containment, eradication, recovery, and lessons learned. Each phase plays a critical role in ensuring that incidents are handled efficiently and effectively, minimizing damage and restoring normal operations. Understanding these components is essential for digital forensics students to respond appropriately to incidents.
What techniques are used for live data collection in digital forensics?
Live data collection techniques in digital forensics involve capturing volatile data from a system while it is still running. This includes memory analysis, capturing network traffic, and collecting active processes and open files. Tools such as FTK Imager and EnCase are commonly used for this purpose. These techniques are crucial for preserving evidence that may be lost if the system is powered down, providing insights into the state of the system at the time of the incident.
How does the Windows registry contribute to digital forensics?
The Windows registry is a critical component in digital forensics as it contains configuration settings and information about installed software, user activities, and system hardware. Forensic investigators analyze the registry to uncover evidence of user actions, system changes, and potential malicious activities. Understanding how to navigate and interpret registry data is essential for forensic professionals, as it can provide insights into the timeline of events during an investigation.
What preventive measures can be taken against cybercrime?
Preventive measures against cybercrime include implementing strong security policies, regular software updates, user education, and employing advanced security technologies such as firewalls and intrusion detection systems. Organizations should also conduct regular security audits and vulnerability assessments to identify and mitigate risks. By fostering a culture of cybersecurity awareness and preparedness, organizations can significantly reduce their risk of falling victim to cyber threats.

Related