CFCA

Question 1: What is Computer Forensics ?

Ans:
Definition:
Computer forensics is the application of investigation and
analysis
techniques to gather and preserve
evidence from a particular computing device in a way
that is suitable for presentation in a court of law. The goal
of computer forensics is to perform a structured
investigation while maintaining a documented chain of
evidence to find out exactly what happened on a
computing device and who was responsible for it.
Uses:
In cyber crimes, the computer is the 'Scene of the crime'.
Computer Forensics are used in variety of cases such as:
* Intellectual Property theft
* Industrial espionage
* Employment disputes
* Fraud investigations
* Forgeries
* Bankruptcy investigations
* Inappropriate email and internet use in the work place
* Regulatory compliance
Thus, it's a major field with vast
applications.
Techniques:
- Cross Drive analysis
- Live Analysis
- Deleted Files
- Stochastic Forensics

- Steganography

Question 2: What are the different forensic

tools ?
Ans:
Forensic tools have a pretty interesting history. It wasn't
until the 90's that various software and hardware tools for
forensic analysis were introduced. Before that 'Live
Analysis' ie- examining digital media directly using nonspecialist tools was in use.
Types:
The forensic tools can be categorized as follows:
File viewers
File analysis tools
Registry analysis tools
Internet analysis tools
Email analysis tools
Mobile devices analysis tools
Mac OS analysis tools
Network forensics tools
Database forensics tools
Disk and Data Capture tools
Examples:
Both freeware and proprietary softwares are available.
Some examples are:
Magnetic Axiom, EnCase, Wireshark, Registry Recon, The

Sleuth Kit,
COFEE etc.

Question 3: What is Cyberspace ?

Ans:
Definition:
Cyberspace is a domain characterized by the use of
electronics and the electromagnetic spectrum to store,
modify, and exchange data via networked systems and
associated physical infrastructures. In effect, cyberspace
can be thought of as the interconnection of human beings
through computers and telecommunication, without
regard to physical geography.
While cyberspace should not be confused with the
Internet, the term is often used to refer to objects and
identities that exist largely within the communication
network itself, so that a website, for example, might be
metaphorically said to "exist in cyberspace".
According to this interpretation, events taking place on
the Internet are not happening in the locations where
participants or servers are physically located, but "in
cyberspace".
Although the present-day, loose use of the term
"cyberspace" no longer implies or suggests immersion in
a virtual reality, current technology allows the integration
of a number of capabilities (sensors, signals, connections,
transmissions, processors, and controllers) sufficient to
generate a virtual interactive experience that is
accessible regardless of a geographic location.
Cyberspaces have their own laws to protect any unlawful

practices. Computer forensics are used for these

investigation purposes.

Question 4: What are the different cyber

applications ?
Ans:
The

various elements of cyber security include :

Application Security
Information Security
Network Security
End-user education
Disaster recovery / Business continuity planning

Applications:
Mobile
Secure Email
Document Signing
Smart Cards
Virtual Private Networks
Code Signing
Online Validation
Secure Communication
Financial Security
Automobiles
Aviation Industry

Question 5: What are cyber attacks ?

Ans:
Definition:
A cyberattack is deliberate exploitation of computer
systems,
technology-dependent
enterprises
and
networks. Cyberattacks use malicious code to alter
computer code, logic or data, resulting in disruptive
consequences that can compromise data and lead to
cybercrimes, such as information and identity theft.
Cyberattack is also known as a computer network attack
(CNA) or cyberawarfare.
Consequences:
Stolen hardware, such as laptops or mobile devices
Denial-of-service and distributed denial-of-service
attacks
Breach of access
Password sniffing
System infiltration
Website defacement

 Private and public Web browser exploits

Instant messaging abuse
Intellectual property (IP) theft or unauthorized access
Identity theft, fraud, extortion
Malware, pharming, phishing, spamming, spoofing,
spyware, Trojans and viruses.