Задание:
1. Переведите текст на английский язык.
2. Напишите (на английском языке), насколько данное описание области "Computer forensics" совпадает с точкой зрения, представленной в предыдущем файле.
Обычно перед экспертом ставятся вопросы:
- о наличии на исследуемых объектах информации, относящейся к делу (в том числе, в неявном, удалённом, скрытом или зашифрованном виде);
- о возможности (пригодности) использования исследуемых объектов для определённых целей (например, для доступа в сеть);
- о действиях, совершённых с использованием объектов;
- о свойствах программ для ЭВМ, в частности, о принадлежности их ко вредоносным;
- об идентификации найденных электронных документов, программ для ЭВМ, пользователей компьютера.
Следующие вопросы не должны относиться к данному виду экспертизы, их включение в постановление представляется ошибочным:
- о лицензионности/контрафактности экземпляров программ, записанных на исследуемых объектах;
- о правомерности действий, произведённых с использованием исследуемых объектов;
- о стоимости компьютеров, носителей, лицензий на содержащиеся там программы;
- о переводах найденных текстов, интерфейсов программ, переписки и т. п.
from: http://ru.wikipedia.org/wiki/
Этот комментарий был удален автором.
ОтветитьУдалитьЭтот комментарий был удален автором.
ОтветитьУдалитьUsually the expert has following questions:
ОтветитьУдалитьAbout presence information on research objects , relevant (including, implicitly, deleted, hidden or encrypted sort);
About possibility (suitability) of usage of research objects for some purposes (for example, for access to a network);
About the operations made with usage of this objects;
About properties of the computer programs, in particular, about their accessory to the harmful;
About identification of the found electronic documents, the computer programs, users of the computer.
The following questions should not relate to this type of examination, their inclusion is wrong:
About license / counterfeit copies of the programs written on research objects;
lawfulness of the actions with the use of the objects;
About cost of computers, storage information, licences for this programs ;
About translations of the found texts, interfaces of programs, history of messages, etc.
In general, difference of these two texts is only a way of a spelling.
The first text more formal.The second text was written in art style.
The first text explains the common moments in this work.
Unlike the first, second text gives examples.
Also the second text describes the causes but the first text describes methods.
In my opinion the second text includes more helpful information.
but in general, they complement each other.
In general, this film is about hacking.
ОтветитьУдалитьOne of the main heroes is Mitnick.
This part of film shows an episode from the list of victories Mitnick.
He meets the person which is the agent FBI.
The agent wants that Mitnick hacked SAS.
Mitnick agrees to the deal.
Mitnick was a professional, and he knew that this agent.
He deceived a worker in SAS, and received the necessary information.
Also He contacted with creator of SAS and asked help.
most part of the work it was human communication.
agent could not arrest Mitnick before Mitnick hacked SAS.
But Mitnick finished all the work very quickly.
agent missed his chance.
In addition, Mitnick hacked agent's phone.
eventually mtnik was not arrested, he cheated agent, and hacked sas.
это на втоник которое
ОтветитьУдалитьСовсем забыла сделать новое сообщение под это задание :(
ОтветитьУдалитьСпасибо, что напомнили!
бывает)))
ОтветитьУдалитьTypically, the expert asks questions:
ОтветитьУдалить* The availability of an investigated object information relating to the case (including, implicitly, deleted, hidden or encrypted);
* The possibility of the use of the objects for specific purposes (for example, to access the network);
* Concerning acts committed with the use of facilities;
* About the properties of computer programs, in particular, about their belonging to malware;
* The identification of found electronic documents, computer programs, computer users.
The following questions should not relate to this type of examination, their inclusion in the decision appears to be misleading:
* The license / counterfeit copies of programs recorded on the studied objects;
* About the legality of actions made against the investigated objects;
* The cost of computers, media, licensing program contained therein;
* Translation of the found text, interfaces, programs, correspondence, etc.
In the first text describes a computer expertise, and what steps (types) of expertise it can be divided. In the second text describes what should and what should not do expert during the expertise.
Usually the expert has following questions:
ОтветитьУдалить-the availability the information on the investigated object relating to the case (including, implicitly, deleted, hidden or encrypted form);
-the possibility(suitability) of using the investigated objects for specific purposes (for example, to access the network);
-the actions performed with the use of the objects;
-the properties of computer programs, in particular, supplies them to malware;
-the identification of found electronic documents, computer programs, computer users.
The following questions should not relate to this type of expertise, their inclusion in the decision appears to be misleading:
-the license / counterfeit copies of programs recorded on the studied objects;
-the legality of actions made with the use of the investigated objects;
-the cost of computers, media, licensing program contained therein;
-the translates of found texts, interfaces, programs, correspondence, etc.
The first text is about the computer expertise. It shows the structure and parts of the expertise.
The second text is the questions relating or not relating to expert.
Usually the expert has following questions:
ОтветитьУдалитьAbout presence on researched objects of the information relating to the case (including, in the implicit, remote, hidden or encrypted types);
About possibility (suitability) of usage of researched objects for definite purposes (for example, for access to a network);
About the operations made with usage of objects;
About properties of the computer programs, in particular, about supplies them to malware;
About identification of the found electronic documents, the computer programs, users of the computer.
The following questions should not relate to this type of examination, their inclusion in the decision is represented wrong:
About license / counterfeit copies of programs written on researched objects;
About legitimacy of the operations made with usage of researched objects;
About cost of computers, carriers, licences for programs containing there;
About translations of the found texts, interfaces of programs, messages, etc.
The second text is continuation of the first text. The first text about computer forensics and about the reasons of its usage. The second text about that are supposed to do experts.
Этот комментарий был удален автором.
ОтветитьУдалитьUsually before the expert questions are put:
ОтветитьУдалить1)about presence of information concerning to the case in the researching objects(including implicit, remote, hidden or encrypted )
2)about possibility of using researching objects for defined purposes (e.g. network access)
3)about actions made with using of objects
4)about properties of the programs for computers, in particular about their concerning to the viruses
5)about identification of found documents , programs for computer or computer users
Next questions mustn’t relate to this type of computer forensics, their inclusion is wrong
1)are copies of programs, written on researching objects, license or counterfeit
2)about legitimacy of actions, made with using of researching objects
3)about cost of the computers, carriers and licenses on the programs they contain
4)about translations of found texts, program interface, correspondence and etc.
I think this description of computer forensics and previous are similar but not in all. Previous description is more general and describes all sides of computer forensics including using of it for litigation or performing optimization. And this description is more concrete, focused on properties and actions of researching objects.
In this fragment we’ve seen how Kevin Mitnick had fooled FBI agents and got all information about SAS.
ОтветитьУдалитьFirst, FBI agent tried to make Kevin and his partner interested about SAS to catch them when they will try to corrupt it. Then Kevin called to one telephone company and using false name get some information about SAS and how it works. After that he called to the man, whose was in team, created SAS, and told him that his system is great and Kevin want to take him to the work. Man offered Mitnick to see system closer if Kevin will return source code back and Kevin agreed. Next Mitnick met with the friend of SAS creator and thus received source code of it.
Next time when FBI agent met with Kevin, Mitnick showed system to him, and officer was shocked.
Usually in front of expert are put questions:
ОтветитьУдалить*about presence on investigated objects of the relevant information (including, in the implicit, remote, latent or encrypted form);
*about possibility (suitability) of use of investigated objects for definite purposes (for example, for access to network);
*about the actions made with use of objects;
*about properties of the computer programs, in particular, about their accessory to the harmful program;
*about identification of the found electronic documents, the computer programs, users of the computer.
Following questions should not belong to the given kind of expertise, their inclusion into decision is represented erroneous:
*about licensing/counterfeiting copies of the programs which have been record on investigated objects;
*about legitimacy of the actions made with use of investigated objects;
*about cost of computers, storage medium, licences for programs containing there;
*about transfers of the found texts, interfaces of programs, correspondences, etc.
I think that first and second descriptions of "Computer forensics" are similar. In both descriptions includes the same questions of given type of expertise and describes same subject, namely some digital artifact which store need information, its property and actions with it. Difference only that the first description show application methods this expertise and considers subspecies of computer forensics.
Usually expert has following questions:
ОтветитьУдалить* about presence of information on testing objects (including latent, remote, hiden or encrypted form of information)
* about pocibility (suitability) of using objects under tests for certain aims (for examlpe, for network access)
* about actions performed using objects
* about features of computer programs, specifically about belonging to the class of malware
* about identification of retrieved electronic documents, computer programs, computer users
Following questions should not relate to this kind of expertise, their inclusion in decision is wrong
* about licenced/counterfeit copy of the programs written on testing objects
* about legality of certain activities with testing objects
* about the cost of computers, mediums, program licences
* about translations of found texts, program interfaces, correspondence etc.
насчет предыдущего файла не понял
Usually the expert be asked such questions as:
ОтветитьУдалить-the presence of information relating to the case (including implicitly, deleted, hidden or encrypted) on the investigated object;
-the possibility of the researched objects to be used for the specific purposes (for example, to access the network);
-the acts performed with the use of objects;
-the properties of computer programs, in particular, supplies them to malware;
-the identification of found electronic documents, computer programs, computer users.
The following questions should not relate to this type of examination, their inclusion in the decision appears to be misleading:
-the license / counterfeit of copies of programs stored on the researched objects;
-the legality of actions made against the researched objects;
-the cost of computers, storage devices, licensing of programs stored on them;
-the translations of found texts, interfaces, programs, correspondence, etc.
Usually, the experts asks questions:
ОтветитьУдалить- the exists of relating to the case an investigated object information (including, implicitly, remoted, hidden or encrypted) ;
- the possibility to use of investigated objects for specific purposes (for example, to access the network) ;
- the actions performed using objects ;
- the properties of computer programs, in particular, belonging to a malware ;
- the identification of found electronic documents, computer programs, computer users ;
The next following questions should not relate to the kind of forensic. Their inclusion on the ruling is mistake:
- the license/pirate copies of software on the investigated objects ;
- about the legality using of the investigated objects ;
- the cost of computers, storages, licenses to the programs ;
- the translations of found texts, interfaces of programs, correspondense, etc.
Alex Kondratev