Computer Forensic and Cyber Applications - Dec 2014

Computer Engineering (Semester 5)

TOTAL MARKS: 100
TOTAL TIME: 3 HOURS (1) Question 1 is compulsory.
(2) Attempt any four from the remaining questions.
(3) Assume data wherever required.
(4) Figures to the right indicate full marks.

Answer any one question from Q1 and Q2

1 (a) Explain following network hardware components
1) Hub
2) Repeater
3) Switch 4) Router(8 marks) 1 (b) What are different digital investigation process models ? Describe any one.(6 marks) 1 (c) Explain how intruders make use of social engineering and reverse social engineering to achieve their motive(6 marks) 2 (a) Explain periodic listen and sleep operation in S-MAC.(8 marks) 2 (b) Explain evidence exchange principle with neat diagram.(6 marks) 2 (c) Write short note on investigative reconstruction in violent crime.(6 marks)

Answer any one question from Q3 and Q4

3 (a) Define Cyber stalking and explain how cyber stalkers operate.(8 marks) 3 (b) Explain the following terms with respect to reconstruction.
i) Functional Analysis
ii) Relational Analysis(8 marks) 4 (a) Explain the following terms.
i) Private key encryption
ii) Public key encryption(8 marks) 4 (b) Write short note on
i) File formats and carving
ii) Digital stratigraphy(8 marks)

Answer any one question from Q5 and Q6

5 (a) Describe NTFS file system.(8 marks) 5 (b) Explain how to handle mobile devices as source of evidence.(8 marks) 6 (a) Describe UNIX file system.(8 marks) 6 (b) Explain in brief Intellectual Property Rights (IPR).(8 marks)

Answer any one question from Q7 and Q8

7 (a) Explain E-mail forgery and tracking in detail.(9 marks) 7 (b) Write short note on
i) Online anonymity and self-protection.
ii) Searching and tracking on IRC.(9 marks) 8 (a) Differentiate between static IP address and dynamic IP address.(6 marks) 8 (b) Explain different logs in TCP/IP related digital evidence.(9 marks) 8 (c) Enlist seven main services provided by internet.(3 marks)