Module 1 : Introduction to Cybercrime and Computer crime:

Q.1 Define Cybercrime and explain classification of i?

Q.2 Short note :1. DOS/DDOS Attack 2. Trojan Attack 3.Cyber Terrorism 4.Cyber Stalking
Q.3 classification of computer crimes
Q.4.Define: cybercrime, Hackers, Crackers, Phreakers
Q.5. Differentiate between Computer Viruses, Computer Worms
Q.6. Case study on Cyber Crime like Credit Card Frauds.
Q.7 List Steps that can be followed to prevent cybercrime

Module 2 : Introduction to Digital Forensics and Digital Evidences

Q.1. Explain Digital Forensics lifecycle.

Q.2 Explain Digital Investigation Process Models and its application: Physical Model, Staircase Model, Evidence
Flow Model.

Q.3 Short note: 1. Challenging Aspects of Digital Evidence 2. Scientific Evidence

Q.4 List and explain Rules of Digital Evidence

Module 3 : Computer Forensics

Q.1Explain the tasks performed by Computer Forensics tools

Q.2 Explain Windows OS Artifacts in detail.
Q.3How Computer Forensics tools used to extract information to supports the digital investigator during the four
phases of the digital investigation.
Q.4 How Windows OS Artifacts helps in hold information about the activities that are performed by the Windows
user.
Q.5 Short note : 1.OS File Systems : FAT32 ,NTFS,Unix file system,MAC file system 2. RAM forensic Analysis

Department of Information Technology | APSIT

Module 4 :Incident Response Management, Live Data Collection and Forensic Duplication
4.1 Incidence Response Methodology: Goals of Incident Response, Finding and Hiring IR Talent 4.2 IR Process:
Initial Response, Investigation, Remediation, Tracking of Significant Investigative Information. 4.3 Live Data
Collection: Live Data Collection on Microsoft Windows,
4.4 Forensic Duplication: Forensic Duplicates as Admissible Evidence, Forensic Duplication Tools: Creating a
Forensic evidence, Duplicate/Qualified Forensic Duplicate of a Hard Drive.
1. Explain Goals of Incident response?
2. How to collect Live data on Microsoft Windows.
3.
4.
6.
7. Explain Incident Response process in detail?
8. Explain Forensic Duplication process in detail.

Module 5 : Forensic Tools and Report Writing

5.1 Forensic Image Acquisition in Linux : Acquire an Image with dd Tools, Acquire an Image with Forensic
Formats, Preserve Digital Evidence with Cryptography, Image Acquisition over a Network, Acquire Removable
Media 5.2 Forensic Investigation Report Writing: Reporting Standards, Report Style and Formatting, Report
Content and Organization
1.How to create disk image using dd command?
2.Short note : Forensic Investigation Report Writing.
3.What is the purpose of image acquisition?
4.How to preserved Digital Evidence with Cryptography.

Module 6 : Network Forensics and Mobile Forensics

1Short Note: Mobile Forensic
2.Short Note: Network Forensic and Network Intrusion Detection and Analysis
3.Explain forensic investigation of a router?
4.Explain forensic investigation of a Firewall
5.Explain mobile phone evidence extraction process.

Department of Information Technology | APSIT

Department of Information Technology | APSIT