: (You must calculate these using tools like CertUtil -hashfile or sha256sum ) MD5 : [Insert MD5] SHA-256 : [Insert SHA-256]
: Identify which user account was used and what files they accessed. 5. Conclusion & Recommendations IP_Leandro_Set5.rar
: List the files inside the archive (e.g., .E01 disk images, .ad1 logical images, or memory dumps). 3. Analysis Methodology : (You must calculate these using tools like
: Create a chronological list of actions taken on the system. .E01 disk images
: Tools like Autopsy , FTK Imager , or EnCase used to browse the image. Artifact Recovery : List specific artifacts examined:
: Briefly state the purpose of the analysis (e.g., investigating a simulated data breach).
Suggest security improvements based on the forensic evidence.