Assignment 3 – IT Forensics 2023
Submission instructions
Deadline: Friday, 20 October 2023 (11:55pm)
Submission format: PDF only and Moodle submissions. You can use any freely
available PDF converter to make a PDF file from an editable one. Please make sure you have submitted your assignment and it is not left in the DRAFT mode.
Submission platform: Upload via Turnitin assignment on Moodle.
Late submissions:
● via special consideration request
● or, without a special consideration request, you lose 10% of your mark per day that
you submit late. Submissions will not be accepted more than 5 days late.
Plagiarism: It is an academic requirement that your submitted work be original.
Zero marks will be awarded for the whole submission if there is any evidence of copying, collaboration, pasting from websites, or copying from textbooks. The faculty’s Plagiarism Policy applies to all assessments: http://intranet.monash.edu.au/infotech/resources/students/assignments/polic ies.html
Further Note: When you are asked to use Internet resources to answer a question, this does not mean copy-pasting text from websites. Write answers in your own words such that your understanding of the answer is evident.
● This assignment is worth 30% of your unit marks.
● The assignment is marked out of (part A + part B) = (5 + 25) = 30 nominal marks.
SPECIAL NOTE:
● FTK Imager and Autopsy are available on MoVE.
● FTK Toolkit is available 24/7 to all students in CG10, CG22, and CG23 at
Bulding 79P (7 Innovation Walk), Clayton campus.
● Please do not turn off the lab machines., only log off or restart.
● The default username/password to access FTK is user/user. Please do not
make changes to this default.
● Once you are finished with your assignment, please remove your files and
case from the computers in the labs.
● All assignment questions can be solved using open-source softwares.
However, some students might want to use FTk for it. In that case, please start working as soon as possible, because there are only 62 computers that can run FTK at the same time. No special consideration for late submission will be given for licensing reasons. You have been warned!
程序代写 CS代考 加QQ: 749389476
PART A – Reporting
You are required to create an FTK report based on the image you worked with in Assignment 2 – Part B – Moodle questions. Take the image of your attempt with the highest mark. The image is still downloadable from the Moodle by visiting the quiz link where you could see your mark and correct/incorrect answers. Create an FTK report containing at least 5 objects:
1. The most recent document the user has opened (User and Registry Information, question 8) – 1 object
2. Tagged picture (Item 1) – 1 object
3. Tagged Video (Item 2) – 1 object
4. Two out of Three Registry files SAM, Software, and System – 2 objects
Submit the pdf of your report in Assignment 3 – Part A – Reporting. Note that your FTK report may include other items like Case Information, Bookmarks, etc.
PART B – PRACTICAL EXERCISE
Please refer to the “assessment” section under Moodle: FIT3168 students:
https://lms.monash.edu/mod/quiz/view.php?id=11899272
FIT5223 students:
https://lms.monash.edu/mod/quiz/view.php?id=11903886
For this part:
1) Attempt the quiz in this section of Moodle. Read the quiz instructions carefully.
2) You also need to submit a short presentation of no more than 10 minutes
explaining the steps you took to answer the questions of the quiz. The
presentation is not marked however it serves as a reference/evidence/proof.
3) You have only three attempts. Each new attempt would give you a new image file different from your previous attempt. So please make sure you do not answer the questions of an attempt using a previous image. Under no circumstances we
will not open an additional attempt.
4) The above links would take you to the quiz page.
(25 marks)
Code Help