UNIVERSITY EXAMINATIONS: 2021
EXAMINATIONS FOR THE DEGREE OF BACHELOR OF SCIENCE IN
INFORMATION SECURITY AND FORENSICS / BACHELOR OF
SCIENCE IN APPLIED COMPUTING
BISF 2204/ BISF 2204: COMPUTER FORENSICS
FULL TIME/PART TIME
DATE: DECEMBER 2021 TIME: 2 HOURS
INSTRUCTIONS: Answer QUESTION ONE AND ANY OTHER TWO questions.
QUESTION ONE – COMPULSORY [20 MARKS]
a) Outline and explain what you need for the investigations to be successful and the
Recommended steps of an investigation on Email Abuse 5 Marks
b) Discuss in detail the Purpose of digital Forensics 4 Marks
c) The most critical aspect of computer forensics is validating digital evidence. Describe
different methods you can use to Validate digital evidence. 5 Marks
d) Existing laws and statutes simply can’t keep up with the rate of technological change.
Therefore, when statutes or regulations don’t exist, case law is used. Describe by giving
a relevant example what is a case law. 6 Marks
QUESTION TWO [15 MARKS]
a) Identify and explain the steps need for any computer forensics activities. 10 Marks
b) Explain the difference between A bit-stream copy and backup copy by giving examples.
QUESTION THREE [15 MARKS]
a) To investigate digital evidence effectively, you must understand how the most commonly
used OSs work and how they store files. Explain what a partition table is, stating where it
is located and its hexadecimal code offset. 10 Marks
b) It is a requirement that a computer forensics investigator must exhibit the highest level of
professional behavior at all times. Explain how one can maintain Professional Conduct.
QUESTION FOUR [15 MARKS]
KCA UNIVERSITY AFRICA would like to have digital forensic lab and the management have
called you to advise them on quality assurance components checklist. Outline and describe the
quality assurance checklist components that the digital forensics lab must have. 15 Marks