ISSC351 APUS Operating Systems For Forensic Investigation Discussion

Need two 100-word discussion responses for the following student discussions. Below in bold are the questions the students are answering.
Questions:

The Linux operating system is becoming more popular every day due to its cost and availability. As in any operating system investigation, there are certain things that the investigator must look for. Discuss these files and logs.
How would you conduct an investigation of a Linux system?
The Apple Macintosh operating system is also one of the top operating systems used. It differs from all of the other operating systems in many ways. Discuss how you would investigate an Apple system, and discuss the tools used and the files, logs and file systems.

Student one:
Greetings Class,
Conducting an investigation on any operating system requires due diligence in order to preserve the integrity of the evidence being evaluated. Therefore, to properly accomplish this, a forensic copy must be made so the investigation can take place on the copy as opposed to the original. In Linux, and other Unix-based operating systems, a copy can be conducted directly from the shell with the command “dd”. Other beneficial commands that could be used directly from the shell are the “ps” command, which will show all currently running processes for the user logged in, and the “who” command, which will identify the user(s) currently logged on to the system.
Linux, like any other operating system, contains areas of interest to forensics investigators that can help piece together a picture of what the device was being used for. Important areas of interest include the directories and logs, which can be accessed directly through shell commands. One of the first logs of interest is the “/var/log/faillog” log, which shows if there were failed attempts at logging into the device and how many. This can be beneficial in the case where you are determining if the device was hacked or not. The “/var/log/mail.*” log will show data associated with the mail server, which can contain incriminating evidence from messages sent or received from the device. Additionally, the directories can contain valuable information when conducting one's investigation. To name a few, the “/root” directory contains user information for the root users, which is usually the administrator, and the “/usr” directory shows subdirectories for individual users.
Apple utilizes an operating system that is based off of FreeBSD, which is a Unix clone. Therefore, investigators can utilize the same shell commands to work in the terminal and make a clone of the disk by using the “dd” command. Another benefit for investigators is that Apple has a “Target Disk Mode”, which can be activated to prevent the disk being written to prior to making a disk image. Additionally, you can view live running processes prior to shutdown without compromising the evidence. And just like Linux, the terminal can be used to extract information from the swap file, user logs, and other areas within the directory.
James Duran
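
The imaging step described in the post above, shown with the integrity check that makes the copy usable as evidence. This is an added example, not part of the original post; the file names are constructed stand-ins for an evidence device, and `sha256sum` from GNU coreutils is assumed to be available.

```shell
#!/bin/sh
# Added example: image a source with dd and prove the copy matches it.
# On a real case SRC would be the evidence device behind a write blocker;
# here it is a constructed sample file so the script runs anywhere.

# Print the SHA-256 of a file or device as a bare hex string.
hash_of() {
    h=$(sha256sum "$1") || return 1
    echo "${h%% *}"
}

# acquire_image SRC IMG LOG
# Hash the source, copy it with dd, hash the image, record both in LOG.
# Returns 0 only when the two hashes are identical.
acquire_image() {
    src=$1; img=$2; log=$3
    src_hash=$(hash_of "$src") || return 2
    dd if="$src" of="$img" bs=64k 2>/dev/null || return 2
    img_hash=$(hash_of "$img") || return 2
    chmod a-w "$img"                 # analysis happens on a read-only copy
    {
        echo "source=$src sha256=$src_hash"
        echo "image=$img sha256=$img_hash"
    } >> "$log"
    [ "$src_hash" = "$img_hash" ]
}

# verify_image IMG LOG
# Re-hash the working copy later and compare with the logged image hash.
verify_image() {
    logged=$(awk -F'sha256=' '/^image=/ {print $2}' "$2" | tail -n 1)
    [ -n "$logged" ] && [ "$(hash_of "$1")" = "$logged" ]
}

# Demo on a constructed 1 MiB stand-in for an evidence disk.
demo() {
    work=$(mktemp -d) || return 2
    dd if=/dev/urandom of="$work/evidence.bin" bs=1024 count=1024 2>/dev/null
    acquire_image "$work/evidence.bin" "$work/evidence.dd" "$work/acq.log" || return 1
    verify_image "$work/evidence.dd" "$work/acq.log" || return 1
    # Alter the working copy: verification against the log must now fail.
    chmod u+w "$work/evidence.dd"
    printf 'X' >> "$work/evidence.dd"
    if verify_image "$work/evidence.dd" "$work/acq.log"; then return 1; fi
    rm -rf "$work"
    echo "acquisition verified; tampering detected"
}
demo
```

The logged hashes are what let an examiner show later that the working copy still matches what was acquired.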

Student two:
Class,
1. Linux files and logs are built within the system in order to keep track of what is going on within a system. The Linux files and logs can give an insight into the health of a system, errors that could be occurring, and the actual security of a system as well. This system can help an administrator as well as the investigation, but it can be a very slow process to find the actual evidence that is needed. The logs can give the investigator a general idea of what has happened within a system, and the log represents a record log of sorts of what has happened within certain areas of a system. Everything that happens with the system can be researched from the files and logs.
2. In order to conduct an investigation with a Linux system, the investigator would have to start with the fail logs. The fail logs help identify if there has been a number of failed attempts in trying to gain access to a system. This step would be a great starting point to get an idea of the attempted system cracking.
3. Apple systems can be investigated just like any other operating system when the investigator begins with the logs. The logs are the tell-all of what is going on with a system. The directories will give an investigator a plethora of information just as the files and logs would. The different tools that can be used while investigating an Apple system would be similar if there was an investigation with Windows or Linux. Target disk mode, shell commands, and searching virtual memory are tools that can be used.
Easttom, Chuck. System Forensics, Investigation, and Response PDF VitalBook. [VitalSource].
-Eddie
