In Lab 8, Part 2, you were supposed to create a hash database. Upload a screenshot of the created

hash database and explain ‘known’ hash databases.

In lab 8, Part 1, you performed bit-shifting. Explain

bit-shifting methods and the challenges in cyber forensics.

In Lab 9, Part 4, you were supposed to practice one of the Anti-Forensics

tools. Explain your observation. (Screenshot is optional)

In Lab 9, Part 3, you were supposed to do research on the

most common steganography tools and find a tool which can be used to perform

image or text hiding. Explain your observation. (Screenshot is optional)

gives a summary of the findings, the impact, and recommendations using simple language that can be understood by the senior management.

You must make sure that you “ do not claim too much ” meaning that, your conclusions must actually be supported by your . A neat way to find the right balance is to debate your conclusions in a critical manner with yourself as well as with your colleagues.

Biased means that incriminating and exonerating

evidence are considered and taken into account. In reality, this would mean

that if you are asked to see if a computer was used during a specific period of

time, you should put an equal amount of effort into evidence supporting the

opposite, namely that it was not used.