Question

Computer System Forensics course

a long and comprehensive explanation by typing please

1.What are some notable differences between Windows forensics and Linux forensics?

2.Name some popular shell commands that can be considered very useful for forensic investigations.

intrusion detection course

3.Discuss 3 issues threatening web applications

Answer 1

1. Differences between Windows and linux forensics:

(a) Linux gives complete access to the source code for the users whereas never gives access to the code until you are a member of its specific group.

(b) With a Linux GPL-licensed operating system, you are free to modify that software and use and even republish or sell it . But with windows operating system, you cannot do any of this because you have to purchase the licenses.

(c) If you wanted to install Linux on a machine you had to make sure you hand-picked each piece of hardware or your installation would not work 100 percent. But with windows, you know that most every piece of hardware will work with the operating system.

2. Shell commands useful for forensic investigations:

(a) Isattr command - this can be used to find immutable objects that can't be deleted.

(b) ls command - this can be used to list information about Linux files and directories created on the system.

(c) find command - this can be used to find hidden directories, determine ownerless files and directories, locate recently modified files.

3. Issues threatening web applications:

(a) The presence of malware is one of the most common threats that companies mostly have to guard against. These types of attacks come in a variety of different injection types and are primed to attack the data in web applications since web applications require data to function.

(b) Injection attacks are another common threat to be on the lookout for. These types of attacks come in a variety of different injection types and are primed to attack the data in web applications since web applications require data to function.

(c) Phishing scam attacks are usually involved and interfere directly with email marketing efforts. These types of threats are designed to look like emails that are from legitimate sources, with the goal of aquiring sensitive information like login credentials, bank account numbers, credit card numbers etc.