File000148
Desmond Devendran
1.
Module XXXV – PDA Forensics
2.
Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.
News: Verizon Wireless to Host PDA and Smartphone Workshops at Union County Communications Store
Source: http://www.itnewsonline.com/showprnstory.php?storyid=8112
3.
Module Objective
This module will familiarize you with:
• Personal Digital Assistants (PDAs)
• Information Stored in PDAs
• PDA Components
• PDA Generic States
• PDA Security Issues
• PDA Forensics Steps
• PDA Forensics Tools
• Countermeasures
4.
Module Flow
• Personal Digital Assistants (PDAs)
• Information Stored in PDAs
• PDA Components
• PDA Generic States
• PDA Security Issues
• PDA Forensics Steps
• PDA Forensics Tools
• Countermeasures
5.
Personal Digital Assistants (PDAs)
A PDA is a handheld device that combines computing, telephone/fax, Internet, and networking features
Features:
• Notes, calculator, clock, calendar, address book, and spreadsheet
• Emails and Internet access
• Video and audio recording
• Built-in infrared (i.e., IrDA), Bluetooth, and Wi-Fi ports
• Radio and music players
• Games
6.
Information Stored in PDAs
Figure: Percentages of PDA vs. Type of Information stored
While PDAs and smartphones can greatly enhance the employee’s productivity, the amount of sensitive and confidential information stored in PDAs increases the risk of information theft and potential losses to the organization
7.
PDA Components
8.
PDA Characteristics
• Most types of PDAs have a microprocessor, read only memory (ROM), random access memory (RAM), a variety of hardware keys and interfaces, and a touch sensitive, liquid crystal display
• The operating system (OS) of the device is held in ROM
• PDAs use different varieties of ROM, including Flash ROM, which can be erased and reprogrammed electronically
• RAM, which normally contains user data, is kept active by batteries, failure or exhaustion of which may cause information loss
9.
PDA Characteristics (cont’d)
• Latest PDAs come equipped with system-level microprocessors that reduce the number of supporting chips required and include considerable memory capacity
• Built-in Compact Flash (CF) and combination Secure Digital (SD)/MultiMedia Card (MMC) slots support memory cards and peripherals, such as a digital camera or wireless card
• Wireless communications such as infrared (i.e., IrDA), Bluetooth, and WiFi may also be built in
10.
Generic PDA Hardware Diagram
Figure: System-level processor chip and the generic core components of most PDAs
11.
Palm OS
• Palm OS is an embedded operating system initially developed by U.S. Robotics-owned Palm Computing, Inc. for personal digital assistants (PDAs) in 1996
• Early Palm OS devices used 16- and 32-bit processors based on the Motorola DragonBall MC68328 family of microprocessors, but recent devices use ARM architecture-based StrongARM and XScale microprocessors
• Palm OS and built-in applications are stored in ROM, while application and user data are stored in RAM
• Palm OS system software logically organizes ROM and RAM for a handheld device into one or more memory modules known as a card
12.
Palm OS (cont’d)
Total available RAM store is divided into two logical areas:
• Dynamic RAM, which is used as working space for temporary allocations
• Storage RAM, which is analogous to disk storage on a typical desktop system
Palm OS storage memory is arranged in chunks called “records,” which are grouped into “databases”
Palm file format (PFF) conforms to one of the three types defined below:
• Palm Database – A record database used to store application data, such as contact lists, or user specific data
• Palm Resource – A database similar to the Palm Database that contains application code and user interface objects
• Palm Query Application – A database that contains World Wide Web content for use with Palm OS wireless devices
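The record/database layout described on this slide, as an added example that is not part of the original deck: a read-only parser for an acquired Palm database image that reports which of the three file types it is and lists each record with its private ("secret") and deleted flags. The 78-byte header layout, the attribute bits and the `pqa ` type code come from the publicly documented Palm file format rather than from the slides, and the sample database is constructed.

```python
import struct
from datetime import datetime, timedelta, timezone

PALM_EPOCH = datetime(1904, 1, 1, tzinfo=timezone.utc)  # Palm OS timestamps count seconds from 1904
HEADER = struct.Struct(">32sHHIIIIII4s4sIIH")           # 78-byte big-endian database header
REC_ENTRY = struct.Struct(">IB3s")                      # record: data offset, attributes, unique ID
RES_ENTRY = struct.Struct(">4sHI")                      # resource: type, ID, data offset
HDR_RESOURCE_DB = 0x0001                                # header attribute bit: resource database
REC_FLAGS = (("deleted", 0x80), ("dirty", 0x40), ("busy", 0x20), ("secret", 0x10))


def palm_time(seconds):
    """Convert a Palm timestamp to an aware datetime; 0 means the field was never set."""
    return PALM_EPOCH + timedelta(seconds=seconds) if seconds else None


def parse_palm_db(data):
    """Parse the header and record list of a Palm database image held in bytes."""
    if len(data) < HEADER.size:
        raise ValueError("too short for a Palm database header")
    (name, attrs, version, created, modified, backed_up, _mod_no, _app_info,
     _sort_info, db_type, creator, _seed, _next_list, count) = HEADER.unpack_from(data)
    is_resource = bool(attrs & HDR_RESOURCE_DB)
    entry = RES_ENTRY if is_resource else REC_ENTRY
    table_end = HEADER.size + count * entry.size
    if table_end > len(data):
        raise ValueError("record list runs past the end of the file")
    raw = [entry.unpack_from(data, HEADER.size + i * entry.size) for i in range(count)]
    # A record has no stored length: it ends where the next one starts (or at end of file).
    offsets = [e[2] if is_resource else e[0] for e in raw] + [len(data)]

    records = []
    for i, fields in enumerate(raw):
        start, end = offsets[i], offsets[i + 1]
        if not table_end <= start <= end <= len(data):
            raise ValueError(f"entry {i}: offset out of order or outside the file")
        rec = {"index": i, "offset": start, "length": end - start, "data": data[start:end]}
        if is_resource:
            rec.update(res_type=fields[0].decode("latin-1"), res_id=fields[1])
        else:
            attr = fields[1]
            rec.update(unique_id=int.from_bytes(fields[2], "big"), category=attr & 0x0F,
                       flags=[label for label, bit in REC_FLAGS if attr & bit])
        records.append(rec)

    if is_resource:
        kind = "Palm Resource"
    elif db_type == b"pqa ":
        kind = "Palm Query Application"
    else:
        kind = "Palm Database"
    return {"name": name.split(b"\0", 1)[0].decode("latin-1"), "kind": kind,
            "type": db_type.decode("latin-1"), "creator": creator.decode("latin-1"),
            "version": version, "created": palm_time(created),
            "modified": palm_time(modified), "backed_up": palm_time(backed_up),
            "records": records}


def build_sample():
    """Constructed three-record database for the demo; not taken from any real device."""
    stamp = int((datetime(2004, 3, 1, 12, 0, tzinfo=timezone.utc) - PALM_EPOCH).total_seconds())
    bodies = [(0x00, b"Buy batteries\0"),          # ordinary record, category 0
              (0x10 | 1, b"Door code 0000\0"),     # marked private, category 1
              (0x80, b"old memo\0")]               # archived: delete bit set, data still present
    first = HEADER.size + len(bodies) * REC_ENTRY.size + 2   # 2 pad bytes follow the list
    header = HEADER.pack(b"MemoDB", 0, 1, stamp, stamp, 0, 0, 0, 0,
                         b"DATA", b"memo", 0, 0, len(bodies))
    table, blob = b"", b""
    for uid, (attr, body) in enumerate(bodies, start=1):
        table += REC_ENTRY.pack(first + len(blob), attr, uid.to_bytes(3, "big"))
        blob += body
    return header + table + b"\0\0" + blob


if __name__ == "__main__":
    db = parse_palm_db(build_sample())
    print(db["name"], db["kind"], db["type"], db["creator"], db["created"])
    for r in db["records"]:
        print(r["index"], r["offset"], r["length"], r["flags"], r["data"])
```

Run it against a working copy of the acquired file, never the original evidence.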
13.
Architecture of Palm OS Devices
Architecture of Palm OS devices consists of the following layers:
• Application
• Operating System
• Software API and Hardware Drivers
• Hardware
14.
Architecture of Palm OS Devices (cont’d)
• The software Application Programming Interface (API) gives a degree of hardware independence to software developers, allowing applications to be executed under different hardware environments by recompiling the application
• Developers have the freedom to bypass the API and directly access the processor, providing more control of the processor and its functionality
• The Palm OS does not implement permissions on code and data, so any application can access and modify data
15.
Pocket PC
• Windows CE (WinCE) is the operating system for handheld devices, which is augmented with additional functionality to produce Pocket PC (PPC)
• Pocket PC supports a multitasking and multithreaded environment
• Pocket PC runs on a number of processors, but primarily appears on devices having XScale, ARM, or SHx processors
• Various Pocket PC devices have ROM ranging from 32 to 64 MB and RAM ranging from 32 to 128 MB
16.
Pocket PC (cont’d)
• PIM and other user data normally reside in RAM, while the operating system and support applications reside in ROM
• An additional filestore can be allocated in unused ROM and made available for backing up files from RAM
• One or more card slots, such as a Compact Flash (CF) or Secure Digital (SD) card slot, are typically supported
• To prevent data loss when battery power is low, the lithium-ion battery must be recharged via the cradle or a power cable, or removed and replaced with a charged battery
17.
Architecture for Windows Mobile
• The architecture for Windows Mobile consists of four layers: Application, Operating System, Original Equipment Manufacturer (OEM), and Hardware
• The Original Equipment Manufacturer (OEM) Layer is the layer between the Operating System Layer and the Hardware Layer
• It contains the OEM Adaptation Layer (OAL), which consists of a set of functions related to system startup, interrupt handling, power management, profiling, timer, and clock
Layers, from top to bottom:
• Application (Internet client services, user interface, …)
• Operating System (Kernel, core DLL, object store, GWES, device mgt)
• Original Equipment Manufacturer (OEM) (OEM Adaptation Layer, drivers, configuration files)
• Hardware (Processor, memory, I/O, …)
18.
Architecture for Windows Mobile (cont’d)
• Within the Operating System Layer are the Windows Mobile kernel and device drivers, whose purpose is to manage and interface with hardware devices
• Device drivers provide the linkage for the kernel to recognize the device and allow communications to be established between hardware and applications
• The Graphics, Windowing, and Events Subsystem (GWES) is also a part of the Operating System Layer and provides the interface between the user, the application, and the operating system
• GWES handles messages, events, and the user’s input from keyboard and mouse or stylus
• The object store includes three types of persistent storage within the Operating System Layer: file system, registry, and property databases
19.
Linux-based PDAs
• Linux is a multitasking, 32-bit operating system that supports multithreading
• Linux-based PDAs rest on the open source model, which has the ability to engage the software development community to produce useful applications
• A Linux-based PDA uses Embedix, an embedded Linux kernel from Lineo, and the Qtopia desktop environment from Trolltech for windowing and presentation technology
• Embedix is based on a networked kernel with built-in support for WiFi, Bluetooth, and wireless modem technologies, as well as associated security and encryption modules
• The device has a StrongARM processor, 16 MB of ROM, 64 MB of RAM, and a 3.5-inch 240x320-pixel color LCD
20.
Architecture of the Linux OS for PDAs
• The Linux kernel is composed of modular components and subsystems that include device drivers, protocols, and other component types
• The kernel also includes the scheduler, the memory manager, the virtual filesystem, and the resource allocator
• Processing proceeds from the system call interface to request service from the hardware
• The hardware then provides the service to the kernel, returning results through the kernel to the system call interface
21.
PDA Generic States
The following four states provide a simple but comprehensive generic model that applies to most PDAs:
Nascent State:
• Devices are in the nascent state when received from the manufacturer; the device contains no user data and observes factory configuration settings
Active State:
• Devices that are in the active state are powered on, performing tasks, and able to be customized by the user and have their filesystems populated with data
22.
PDA Generic States (cont’d)
Quiescent State:
• A dormant mode in which the device conserves battery life while maintaining user data and performing other background functions
Semi-Active State:
• A state partway between active and quiescent; it is reached by a timer, which is triggered after a period of inactivity, allowing battery life to be preserved by dimming the display and taking other appropriate actions
23.
PDA Security Issues
• Password theft
• Virus attacks
• Data corruption
• Vulnerabilities in applications running
• Data theft
• Wireless vulnerabilities
• Theft of the device
24.
ActiveSync and HotSync Features
ActiveSync:
• ActiveSync synchronizes Windows-based PDAs and smartphones with the desktop computer
• The ActiveSync handheld uses its cradle for connecting to the desktop PC
• It can be protected with a password
HotSync:
• HotSync is the process of synchronizing elements between Palm OS devices and a desktop PC
• Elements that are synchronized include:
  • Outlook inbox
  • Contacts list
  • Calendar
  • Tasks and Notes
25.
ActiveSync Attacks
An attacker tries to get the ActiveSync password by:
• Password sniffing
• Brute force or dictionary attacks
After obtaining the password, an attacker can steal private information or unleash malicious code
26.
HotSync Attack
• When HotSync is enabled to synchronize elements, the Palm OS opens TCP ports 14237 and 14238 as well as UDP port 14237
• An attacker can open connections to these ports and can access private information or send malicious code
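A defensive check for the exposure described on the HotSync Attack slide, as an added example that is not part of the original deck: it reads `netstat -an` style output and reports listeners and sessions on the three HotSync ports, separating loopback-only bindings from ones reachable over the network. The Windows-style column layout and the sample lines (documentation address ranges) are constructed assumptions.

```python
import ipaddress

# The three endpoints named on the slide. UDP 14238 is deliberately absent.
HOTSYNC_PORTS = {("TCP", 14237), ("TCP", 14238), ("UDP", 14237)}


def split_endpoint(text):
    """Split 'host:port', including bracketed IPv6 such as '[::1]:14237'."""
    host, _, port = text.rpartition(":")
    return host.strip("[]"), port


def is_loopback(host):
    """True only for a literal loopback address; '*' or names count as not loopback."""
    try:
        return ipaddress.ip_address(host.split("%")[0]).is_loopback
    except ValueError:
        return False


def audit_hotsync(netstat_lines):
    """Return one finding per socket bound to a HotSync port on the local side."""
    findings = []
    for line in netstat_lines:
        parts = line.split()
        if len(parts) < 3 or parts[0].upper() not in ("TCP", "UDP"):
            continue                      # banner, column header or blank line
        proto = parts[0].upper()
        host, port = split_endpoint(parts[1])
        if not port.isdigit() or (proto, int(port)) not in HOTSYNC_PORTS:
            continue
        state = parts[3].upper() if len(parts) > 3 else ""
        peer_host, _ = split_endpoint(parts[2])
        if state == "ESTABLISHED":
            kind = "local-session" if is_loopback(peer_host) else "remote-session"
        elif proto == "UDP" or state in ("LISTENING", "LISTEN"):
            kind = "loopback-listener" if is_loopback(host) else "exposed-listener"
        else:
            kind = "recent-session"       # TIME_WAIT, CLOSE_WAIT and similar
        findings.append({"kind": kind, "proto": proto,
                         "local": parts[1], "peer": parts[2], "state": state})
    return findings


# Constructed sample output; addresses are from the documentation ranges.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:14237          0.0.0.0:0              LISTENING
  TCP    0.0.0.0:14238          0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5357         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:14238       198.51.100.7:50211     ESTABLISHED
  TCP    192.0.2.10:49712       203.0.113.5:443        ESTABLISHED
  UDP    0.0.0.0:14237          *:*
  UDP    0.0.0.0:14238          *:*
""".splitlines()


if __name__ == "__main__":
    for f in audit_hotsync(SAMPLE_NETSTAT):
        print(f"{f['kind']:18} {f['proto']} {f['local']} <- {f['peer']} {f['state']}")
```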
27.
PDA Forensics
28.
PDA Forensic Steps
• Secure and evaluate the scene
• Seize the evidence
• Identify the evidence
• Preserve the evidence
• Acquire the information
• Examine and analyze the information
• Document everything
• Make the report
29.
Points to Remember while Conducting the Investigation
If the device is switched on:
• Preserve device in an active state with sufficient power
• Take a photograph of the device
• If charge is low, then replace the battery or charge with a proper power adaptor
• Maintain sufficient charge in the replacement batteries
If device is switched off:
• Leave the device in off state
• Switch on the device and record current battery charge
• Take a photograph of the device
30.
Points to Remember while Conducting the Investigation (cont’d)
If device is in its cradle:
• Avoid any further communication activities
• Remove USB/Serial connection from PC
• Seize cradle and cords
If device is not in its cradle:
• Seize cradle and cords
If wireless is on/off:
• Avoid further communication activities
• Eliminate wireless activity by packing the device in an envelope, anti-static bag, and an isolation envelope
• Take away wireless enabled cards
31.
Points to Remember while Conducting the Investigation (cont’d)
If card is present in expansion card slot:
• Do not initiate any further activity inside the device
• Do not remove any peripheral/media card
If card is not present in expansion card slot:
• Seize related peripheral/media cards
If expansion sleeve is removed:
• Seize expansion sleeve
• Seize other related peripherals/media cards
32.
Secure and Evaluate the Scene
• Provide security to all the individuals at the scene
• Photograph the entire scene and all the evidence
• Evaluate the scene and make a search plan
• Protect the integrity of the traditional and electronic evidence
• Secure all the evidence
• Document everything at the scene
• Avoid entry of unauthorized persons at the scene
33.
Seize the Evidence
• Seize handheld and computer devices such as PDA device, device cradle, power supply, associated peripherals, media, and accessories
• Seize the memory devices such as SD, MMC, or CF semiconductor cards, microdrives, and USB tokens
• Collect non-electronic evidence such as written passwords, handwritten notes, computer printouts, and so on
34.
Identify the Evidence
Identify the type of device
Identify the type of operating system:
• Some PDAs may run two operating systems
Interfaces that allow identification of a device:
• Cradle Interface
• Manufacturer Serial number
• The Cradle type
• Power Supply
35.
Preserve the Evidence
• Preserve the evidence in a secure place
• Keep the PDA in an envelope and seal it to restrict physical access
• Keep the evidence in a secure area and away from extreme temperatures and high humidity
• Store the evidence away from magnetic sources, moisture, dust, physical shock, and static electricity
36.
Acquire the Information
• Acquisition is the process of imaging or extracting the information from a digital device or evidence and other peripheral devices
• Use the data acquisition tools such as PDA Seizure and techniques to extract and image information in the PDAs
• Collect both dynamic and volatile information
  • Volatile information must be given priority
37.
Data Acquisition Techniques
• Exploit "known authentication vulnerabilities" of the device and system
• Apply brute force techniques to access the passwords of the device
• Access the device information using a backdoor built in by the manufacturer
• Extract data from memory chips independently of the device
• Reverse engineer the device's operating system code to find and exploit a vulnerability
38.
Examine and Analyze the Information
• Recover the hidden information
• Use the steganalysis tools such as Stegdetect to extract the hidden information
• Check the images, videos, and document files
• Check the timing of the files
• Find out the author of files
• Use cryptanalysis tools such as Crank and Jipher to reveal the encrypted information
• Use the password cracking tools such as Cain and Abel and Hydra, if the information is password protected
• Use various video players to open the video files
39.
Examine and Analyze the Information (cont'd)
From analysis find out:
• What exactly happened?
• When the event occurred?
• Who was involved?
• How it occurred?
• How to detect and recover hidden information?
40.
Document Everything
• Document all the results from examination and analysis
• Document the following during labeling:
  • Case number
  • A precise description of the case
  • Date and time when the evidence was collected
• Photograph and document all the devices connected to the PDA
• Create a report documenting the state of the device during collection
• Maintain a chain of custody
• Preserve the documentation in a secure location
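One way to record the labeling fields and chain of custody listed on this slide, as an added example that is not part of the original deck: the acquired image is hashed at collection time and every custody transfer commits to the previous entry by hash. The function names, field names and sample bytes are assumptions made for illustration.

```python
import hashlib
import json

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def new_evidence_record(case_number, description, collected_at, image: bytes):
    """Label fields from the slide plus the hash of the acquired image."""
    return {
        "case_number": case_number,
        "description": description,
        "collected_at": collected_at,
        "image_sha256": sha256_hex(image),
        "custody": [],
    }

def add_custody_entry(record, timestamp, released_by, received_by, purpose):
    """Append a transfer; each entry commits to the previous one by hash."""
    log = record["custody"]
    prev = log[-1]["entry_hash"] if log else record["image_sha256"]
    entry = {"timestamp": timestamp, "released_by": released_by,
             "received_by": received_by, "purpose": purpose, "prev_hash": prev}
    entry["entry_hash"] = sha256_hex(json.dumps(entry, sort_keys=True).encode())
    log.append(entry)
    return entry

def verify_record(record, image: bytes):
    """Return a list of problems; an empty list means image and log are intact."""
    problems = []
    if sha256_hex(image) != record["image_sha256"]:
        problems.append("image hash mismatch")
    prev = record["image_sha256"]
    for i, entry in enumerate(record["custody"]):
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        if entry["prev_hash"] != prev:
            problems.append(f"custody entry {i}: broken link")
        if sha256_hex(json.dumps(body, sort_keys=True).encode()) != entry["entry_hash"]:
            problems.append(f"custody entry {i}: contents altered")
        prev = entry["entry_hash"]
    return problems

# Constructed sample: stand-in bytes for a bit-for-bit PDA memory image.
SAMPLE_IMAGE = bytes(range(256)) * 16
```

Re-running `verify_record` against the working copy before each examination step shows whether the image or the custody log has changed since collection.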
41.
Make the Report
Forensic report may include the following:
• Identity of the reporting agency
• Case number
• Name of Investigator
• Date of report
• Descriptive list of items submitted for examination
• Identity and signature of the examiner
• Devices and set-up used in the examination
• Brief description of examination steps
• Documentations of the evidence and other supporting items
• Details about the following finding:
  • Information about the files
  • Internet related evidence
  • Data and image analysis
  • Techniques used for hiding and recovering the data
• Report conclusion
42.
PDA Forensics Tools
43.
PDA Forensics Tools
• PDA Secure
• PDA Seizure
• EnCase
• SIM Card Seizure
• Palm dd (pdd)
• Duplicate Disk
• Pocket PC Forensic Software
• Mobile Phone Inspector
• Memory Card Data Recovery Software
44.
PDA Secure
PDA Secure offers the following features:
• Enhanced password protection
• Encryption
• Device locking
• Data wiping
It allows administrators to have greater control over how handheld devices are used on networks
It allows administrators to set a time and date range to monitor network log-in attempts, infrared transmissions, and application usage
45.
PDASecure: Screenshot
46.
Device Seizure
Device Seizure has its roots in digital forensics with such things as PDD (Palm DD command line acquisition), deleted data recovery, full data dumps of certain cell phone models, logical and physical acquisitions of PDAs, data cable access, and advanced reporting
It can acquire the following data:
• SMS History (Text Messages)
• Deleted SMS (Text Messages)
• Phonebook (both stored in the memory of the phone and on the SIM card)
• Call History
  • Received Calls
  • Dialed Numbers
  • Missed calls
  • Call Dates & Durations
• Datebook
• Scheduler
47.
Device Seizure: Screenshot
48.
DS Lite
• Paraben's DS Lite is a device seizure and CSI Stick file viewing and analysis tool
• Palm OS console mode is used to acquire memory card information and create a bit-for-bit image of the selected memory region
• It can retrieve all user applications and databases
49.
DS Lite: Screenshot
50.
EnCase
• EnCase is used for acquiring or imaging the evidence
• EnCase software provides tools for the investigators to conduct complex investigations with accuracy and efficiency
• It stores evidence files on shared media for either data retention or examination
51.
EnCase: Screenshot
52.
SIM Card Seizure
• SIM Card Seizure recovers deleted SMS/text messages and performs comprehensive analysis of SIM card data
• It takes the SIM card acquisition and analysis components from Paraben's Device Seizure and puts them into a specialized SIM card forensic acquisition and analysis tool
Data acquired from SIM cards:
• Phase ID
• FDN: fixed numbers
• SST: SIM service table
• LND: last dialed numbers
• ICCID: serial number
• EXT1, EXT2: dialing extensions
• LP: preferred languages variable
• SMSP: text message parameters
• SPN: service provider name
• CBMI: preferred network messages
• MSISDN: subscriber phone number
• LOCI: location information
• Short dial number
• BCCH: broadcast control channels
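To show what two of the listed items look like once acquired, the following added example (not part of the original deck and not code from any tool named here) decodes raw ICCID and MSISDN file contents. It assumes the standard SIM file layouts from GSM 11.11 (nibble-swapped BCD, 10-byte EF_ICCID, 14-byte number block at the end of each EF_MSISDN record) and treats the alpha label as plain ASCII; function names and sample bytes are constructed for illustration.

```python
def swapped_bcd(raw: bytes) -> str:
    """Decode nibble-swapped BCD; 0xF nibbles are padding and are skipped."""
    digits = []
    for byte in raw:
        for nibble in (byte & 0x0F, byte >> 4):  # low nibble is the first digit
            if nibble == 0xF:
                continue
            if nibble > 9:
                raise ValueError(f"unsupported nibble {nibble:#x}")
            digits.append(str(nibble))
    return "".join(digits)

def luhn_ok(number: str) -> bool:
    """Luhn check used for the final ICCID digit."""
    total = 0
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:               # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def decode_iccid(raw: bytes):
    """EF_ICCID: 10 bytes of swapped BCD. Returns (iccid, check_digit_valid)."""
    if len(raw) != 10:
        raise ValueError("EF_ICCID must be 10 bytes")
    iccid = swapped_bcd(raw)
    return iccid, luhn_ok(iccid)

def decode_msisdn(record: bytes) -> dict:
    """EF_MSISDN record: alpha label, then a fixed 14-byte number block."""
    if len(record) < 14:
        raise ValueError("record shorter than the 14-byte number block")
    alpha, tail = record[:-14], record[-14:]
    bcd_len, ton_npi = tail[0], tail[1]
    label = alpha.rstrip(b"\xff").decode("ascii", "replace")
    if bcd_len == 0xFF:                        # unused record, all padding
        return {"label": label, "number": ""}
    if not 2 <= bcd_len <= 11:
        raise ValueError("bad BCD length byte")
    number = swapped_bcd(tail[2:1 + bcd_len])  # length byte counts TON/NPI too
    if (ton_npi >> 4) & 0x07 == 1:             # type of number: international
        number = "+" + number
    return {"label": label, "number": number}

# Constructed sample data (not taken from any real card).
SAMPLE_ICCID = bytes.fromhex("980000000000002143f7")
SAMPLE_MSISDN = bytes.fromhex("4f776effffff" "0791" "5155100021f3" "ffffffffffff")
```

A failed Luhn check on a decoded ICCID points to a read error or a damaged file and is worth recording in the examination notes.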
53.
SIM Card Seizure: Screenshot
54.
Palm dd (pdd)
• Palm dd is a Windows-based tool for Palm OS memory imaging and forensic acquisition
• Palm OS console mode is used to acquire memory card information and create a bit-for-bit image of the selected memory region
• It can retrieve all user applications and databases
55.
Palm dd: Screenshot
56.
Duplicate Disk
• Duplicate Disk is a UNIX-based utility which creates a bit-by-bit image of the device
• It executes directly on the PDA and can be invoked via a remote connection
57.
Pocket PC Forensic Software
Pocket PC Forensic Software is an investigator utility that allows examination of Windows-based Pocket PC and PDA mobile devices
It extracts files, database records, operating system registry records, and phone information
Features:
• Shows details of software and hardware architecture of Pocket PC like OS type, version, processor architecture, memory usage, and related information
• Extracts phonebook number, appointments, task, IMEI number, SIM information, contact details, phone model, manufacturer's details, and other related information
58.
Pocket PC Forensic Software: Screenshot
59.
Mobile Phone Inspector
• Mobile Phone Inspector provides detailed information on any mobile phone memory and SIM memory status
• Information includes mobile manufacturer's name, mobile model number, mobile IMEI number, SIM IMSI number, signal quality, and battery status of any supported mobile phone
• It also extracts the phonebook entries
60.
Mobile Phone Inspector: Screenshot
61.
Memory Card Data Recovery Software
Memory card data recovery software recovers and restores images, documents, pictures, photos, audio, video files, and folders from all major memory card storage media
Features:
• Recovers data from PC Card, Compact Flash (I, II), Smart Media, Multimedia Card (MMC), Secure Digital card, Mini-SD card, Micro-SD card, and xD-Picture Card
• Recovers data after formats, accidental deletion, or any other type of logical corruption
• Data retrieval support for Compact Flash memory card, Mobile Pocket PC, PDA, handheld computers, external mobile phone memory, pen drive, Memory Stick, Multimedia card, and other similar devices
62.
Memory Card Data Recovery Software: Screenshot
63.
PDA Security Countermeasures
• Install a firewall
• Disable all HotSync and ActiveSync features when they are not in use
• Set a strong password
• Do not keep the passwords on the desktop PC
• Install anti-virus on the device
• Encrypt the critical data in the device
• Do not use untrusted Wi-Fi access points
64.
Summary
• A PDA is a handheld device that combines computing, telephone/fax, Internet, and networking features
• PDAs can function as a cellular phone, fax sender, web browser, and a personal organizer
• PDA forensics includes examination, identification, collection, and documentation
• While investigating a PDA, it is necessary to secure, acquire, examine, present, and maintain the evidence