Identify the file system that uses $BitMap file to keep track of all used and unused clusters on a volume.
In an email crime investigation, the forensic investigator analyses a computer using the Microsoft Outlook application. The investigator knows that Outlook stores email data in both .pst and .ost file formats. They want to focus on the files that hold the email data even when there is no internet connection. Which files should the investigator target for a deeper analysis?
A large corporation has recently undergone a cyberattack. The forensic analyst finds suspicious activities in the Windows Event logs during the investigation. The analyst notes that a specific service on the machine has been frequently starting and stopping during the time of the attack. What event IDs should the analyst look for in the System log to confirm this suspicious behavior?
Investigators can use the Type Allocation Code (TAC) to find the model and origin of a mobile device. Where is TAC located in mobile devices?
In a forensic investigation on an Android device, a Computer Hacking Forensics Investigator is required to extract information from the SQLite database. They aim to recover the user's web browsing history. Which is the correct SQLite database path that the investigator should focus on?
Which of the following malware targets Android mobile devices and installs a backdoor that remotely installs applications from an attacker-controlled server?
