Analyzing Images to Identify Suspicious or Modified Files

Lab #5 - Assessment Worksheet

Analyzing Images to Identify Suspicious or Modified Files

  1. Why might it be important to confiscate and identify the websites and kinds of images found on a suspect’s computer?

Confiscating and identifying the websites and images in the suspect’s computer is helpful in establishing concrete evidence against the suspect. 

  1. Explain what the P2 Commander Image Analyzer does and what it looks for.

The P2 Commander Image Analyzer scans the images and it looks pornographic contents.

  1. How do you decrease the amount of false positives in the Highly Suspect or Suspect categories?

By changing the search sensitivity.

  1. Into how many different categories does P2 Commander’s Sorted Files feature categorize all of the identified files? What are these categories?

There are 15 different categories and they include emails, documents, graphics, spreadsheets, databases, multimedia, compressed, executable, text, encrypted, xml, and chats amongst others.

  1. How many files did the Sorted Files feature identify on the evidence drive?

3022

  1. Where would you look to identify a rogue application, malicious spyware application, or keyboard logger application on the target evidence drive?

Under the executables

  1. Where would you look to identify ZIP files and compressed files that may actually contain embedded malicious software?

They are found in the compressed categories

  1. Where must you also look to examine possible image files on the evidence drive under investigation?

Under the graphic and Recover from Unallocated Space.

  1. Why is it also important to look under the Graphics folder directly under the Sorted tree as well as the Image Analyzer Results category?

It is of importance in instances where the program may not have recognized the image as a threat.

Summary

An investigator can keep the suspect’s images and websites so as to establish concrete evidence. The P2 Commander Image Analyzer scans images and looks for pornographic content. The amount of false positives in the Highly Suspect can be decreased by changing the sensitivity. There are 15 different categories of P2 Commander’s Sorted Files including encrypted, xml, and chats amongst others. There are 3022 Sorted Files in evidence drive. The rogue application, malicious spyware application, or keyboard logger application on the target evidence drive are identified under the executables. ZIP files and compressed files are found under compressed categories. The possible image files on the evidence drive can be looked under the graphic and Recover from Unallocated Space. If an image is not recognized as threat, it can be looked under the Graphics folder.

Want latest solution of this assignment

Submit Your Assignment Here

AssignmentHippo Features

On Time Delivery

Our motto is deliver assignment on Time. Our Expert writers deliver quality assignments to the students.

Plagiarism Free Work

Get reliable and unique assignments by using our 100% plagiarism-free.

24 X 7 Live Help

Get connected 24*7 with our Live Chat support executives to receive instant solutions for your assignment.

Services For All Subjects

Get Help with all the subjects like: Programming, Accounting, Finance, Engineering, Law and Marketing.

Best Price Guarantee

Get premium service at a pocket-friendly rate at AssignmentHippo

FREE RESOURCES

  • Assignment Writing Guide
  • Essay Writing Guide
  • Dissertation Writing Guide
  • Research Paper Writing Guide

FREE SAMPLE FILE

  • Accounts
  • Computer Science
  • Economics
  • Engineering

Client Review

I was struggling so hard to complete my marketing assignment on brand development when I decided to finally reach to the experts of this portal. They certainly deliver perfect consistency and the desired format. The content prepared by the experts of this platform was simply amazing. I definitely owe my grades to them.

Tap to Chat
Get instant assignment help