M.

Tech CSE-2nd Sem DEPARTMENT OF

ASSIGNMENT-1 COMPUTER SCIENCE
DIGITAL FORENSICS AND ENGINEERING
MTCS 211-18

Total Marks :16

Each question carries 4 marks.

1. A major financial institution discovers unauthorized access to its database, leading to the leak
of customer information, including credit card details. The IT team detects that the intrusion
originated from an internal employee’s workstation, but the employee denies any involvement.
a. As a digital forensic investigator, what initial steps would you take to secure and analyze
the digital evidence?
b. Which forensic tools would you use to recover deleted files and track user activity on the
workstation?
2. A healthcare facility becomes the victim of a ransomware attack, which encrypts patient
records, demanding payment in cryptocurrency for decryption keys. The IT team is unable to
restore backups, and the hospital faces an operational crisis.
a. If the hospital decides to involve law enforcement, what type of court orders or legal
permissions would be required to track cryptocurrency transactions?
b. How can retrieved and un-retrieved communications be used to trace the cybercriminals
behind the attack?
3. Explain the biggest challenges in analyzing financial fraud using digital forensics. How can
forensic investigators distinguish between intentional fraud and accidental data modification?
4. How does AI enhance digital forensics by automating data analysis, detecting anomalies, and
identifying patterns in cybercrime investigations? What are the key benefits of AI-driven
forensic tools in handling large datasets, malware analysis, and evidence extraction?
Additionally, what challenges and ethical concerns arise regarding bias, accuracy, and the legal
admissibility of AI-generated forensic evidence?