UNIVERSITY EXAMINATIONS: 2018/2019
EXAMINATION FOR THE DEGREE OF BACHELOR OF APPLIED
COMPUTING
BAC5211 WIRELESS AND MOBILE FORENSICS
FULL TIME/PART TIME
DATE: APRIL, 2019 TIME: 2 HOURS
INSTRUCTIONS: Answer Question One & ANY OTHER TWO questions.
QUESTION ONE [30 MARKS]
a) Discuss the challenges of digital evidence. 4 Marks
b) What are the roles of a First Responder? 5 Marks
c) Outline the procedure for investigating a computer crime. 5 Marks
d) What are the roles of an expert witness? 4 Marks
e) Discuss the steps to follow in building a forensics investigation team 6 Marks
f) Outline the procedure for documenting the scene and preserving the evidence.
6 Marks
QUESTION TWO [20 MARKS]
a) Discuss the methods used to identify a mobile device. 4 Marks
b) Discuss any three types of expert witness. 6 Marks
c) Discuss the methodologies used to detect wireless connections. 6 Marks
d) Even when everyone acknowledges that a computer crime has been committed,
computer crime is hard to prosecute. State four reasons why it is hard to prosecute
computer crimes. 4 Marks
QUESTION THREE [20 MARKS]
a) Discuss the characteristics of digital evidence. 6 Marks
b) Outline the best practices for assessing evidence. 6 Marks
c) A computer Forensics Lab is a designated location for conducting computer-based
investigation on the collected evidence. What is included in setting up a Forensics Lab?
8 Marks
QUESTION FOUR [20 MARKS]
a) Outline the procedure for acquiring data from SIM cards 8 Marks
b) Discuss the aspects of a good forensics report 6 Marks
c) Describe the following types of wireless attacks:
(i) Evil Twin AP 2 Marks
(ii) War driving 2 Marks
(iii) Rogue access point 2 Marks
QUESTION FIVE [20 MARKS]
a) Outline an overview of Encase Forensics tool 5 Marks
b) Describe the features of FTK toolkit 5 Marks
c) Describe the features of a good wireless forensics tool 6 Marks
d) State any four features of a good wireless forensics tool. 4 Marks