Computer Forensics Principles and Practices by Volonino, Anzaldua, and Godwin Chapter 6: Operating Systems and Data Transmission Basics for Digital Investigations.



© Pearson Education Computer Forensics: Principles and Practices

Objectives
- Define and recognize an operating system
- Identify the different types of operating system interfaces
- Identify the different components of an operating system
- Understand and identify the different file systems

Objectives (Cont.)
- Understand the OSI and TCP models
- Understand the basics of how data is transmitted on networks

Introduction
Hardware and software work together to run the computer. It is important to understand what operating system you are dealing with, in order to understand how and where data is stored on the storage device(s). This chapter provides this foundation, along with how data is communicated from host to host across a network.

What Is an Operating System?
- Simply stated, an operating system is a program that controls how a computer functions
  - OS controls how data is accessed, saved, and organized on a storage device
- Core of the operating system is called the kernel

Operating System Functions
- An operating system provides:
  - Some type of user interface
  - Single-user or multiple-user access to applications
  - File management
  - Memory management
  - Job management
  - Device management
  - Security

Types of Interfaces
- A user interface is the way a user communicates with the computer
- User interface may also be known as a shell
- Two major interface types:
  - Graphical user interface (GUI)
  - Command-line interface (CLI)

Categories of Use
- Single-user systems
  - Designed to be used by only one user
  - DOS is a single-user single-tasking system
  - Windows is a single-user multitasking system
- Multiple-user systems
  - Allow multiple users to access the same application
  - Servers and UNIX/Linux are multiple-user systems

File and Memory Management
- The OS controls reading, writing, accessing, and modification of data
- Basic units of file management are files and folders or directories
- Memory management deals with temporary storage or use of applications and data
- The OS controls where applications and data are stored in memory

Job and Device Management
- Computers can execute only one instruction at a time per processor or CPU
- The OS controls the order in which tasks or jobs are processed
- The OS acts as an intermediary between application software and physical hardware
- The OS uses device drivers to manage hardware devices

Security
- The primary method of security is to have the user authenticate his credentials when he logs into a system
- Newer operating systems are implementing rights and permissions to files and folders to increase security of OS

In Practice: Iraqi Computer Disks and Hard Drives Recovered
- Computer disks and hard drives recovered from Iraq and Afghanistan during Saddam Hussein’s regime
  - 2 million items including:
    - Handwritten notes
    - Typed documents
    - Audiotapes
    - Videotapes
    - CDs, floppy disks, and hard drives

Common Operating Systems
- DOS
- Windows
- Linux
- UNIX
- Macintosh

DOS and Windows 3.X
- DOS was one of the first personal computer operating systems
- Command-line interface required users to know DOS commands and syntax
- Windows 3.1 was the first stable GUI from Microsoft
- Windows 3.1 was an application on top of DOS rather than a true operating system
- Windows 3.11 added network capability

Windows 95 and Windows 98
- Windows 95 innovations include
  - Plug and play
  - Registry
  - Network and Internet capability
- Windows 98 enhancements include
  - Power management features
  - Upgrade capability via the Internet
  - Automated registry checks and repairs
  - Upgraded plug and play support

Windows NT
- Windows NT (New Technology) innovations include:
  - Privileged mode, which allows NT to isolate applications so one can be shut down without affecting others
  - Support for multiple CPU processors
  - Multilayered security functions such as
    - File and folder access protection via permissions
    - Network share protection and auditing capability
    - Use of domain controllers

Windows 2000
- Windows 2000 based on NT technology with some improvements in the areas of security and networking:
  - Group policies
  - Secure authentication
  - File encryption

Windows XP
- Same kernel as Windows 2000
- New GUI, simple firewall, remote control access, and increased speed of OS
- Versions: XP Home, XP Professional
- Server versions: Server 2003
- XP Home is the upgrade path from Windows ME

Linux
- Linux is a relatively new OS based on the UNIX OS
- Linux advantages:
  - Free or inexpensive
  - Can run on older equipment
  - Can run a multitude of hardware platforms
  - Fast and stable

UNIX
- Most operating systems can trace their roots to UNIX
- Two main “camps” in the UNIX world:
  - Berkeley Software Distribution (BSD)
  - System V Release 4 (SVR4)
- UNIX is a true multiuser multitasking OS designed with security in mind
- UNIX can use either a CLI or GUI

Macintosh
- Macintosh was the first stable GUI and still the most intuitive GUI on the market
- Initial Apple philosophy was tight control over hardware and software
- Recently Apple changed processors which allows a Mac to also run Windows XP

Common File System Types
- Function of a file system is to manage files and folders on a system
- The OS performs the following to help with this:
  - Partitions and formats storage devices
  - Creates a standard for naming files and folders
  - Maintains the integrity of files and folders
  - Provides for error recovery
  - Provides for security of the file system

Common File System Types (Cont.)
- FAT (file allocation table) file system
  - File allocation table is a directory the OS uses to keep track of where files are
  - Root directory is the top directory on a FAT system
- FAT16
  - Uses 16 bits in the file allocation table
  - Uses the 3-character extension to identify file type
  - Can assign attributes to files and folders
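
The Python parser below decodes the 32-byte FAT16 short-name directory entry that holds the 3-character extension and the attribute bits mentioned above. It is an added example, not part of the original slides; the field offsets and the 0xE5 deleted-entry marker come from the FAT on-disk format, and the directory bytes are constructed sample data.

```python
import struct

# Attribute bits stored in byte 11 of every 32-byte FAT directory entry.
ATTR_BITS = {0x01: "read-only", 0x02: "hidden", 0x04: "system",
             0x08: "volume-label", 0x10: "directory", 0x20: "archive"}

def parse_entry(raw):
    """Decode one 32-byte short-name (8.3) entry; None marks end of directory."""
    if len(raw) != 32:
        raise ValueError("a FAT directory entry is exactly 32 bytes")
    if raw[0] == 0x00:                      # never-used slot: nothing follows
        return None
    attr = raw[11]
    if attr & 0x3F == 0x0F:                 # long-file-name slot, not an 8.3 entry
        return {"kind": "long-name-slot"}
    deleted = raw[0] == 0xE5                # first name byte is overwritten on delete
    stem = raw[0:8].decode("ascii", "replace").rstrip()
    if deleted:
        stem = "?" + stem[1:]               # original first character is lost
    ext = raw[8:11].decode("ascii", "replace").rstrip()
    wtime, wdate, cluster, size = struct.unpack_from("<HHHI", raw, 22)
    return {
        "kind": "file",
        "name": stem + ("." + ext if ext else ""),
        "extension": ext,
        "deleted": deleted,
        "attributes": [label for bit, label in ATTR_BITS.items() if attr & bit],
        "modified": "%04d-%02d-%02d %02d:%02d:%02d" % (
            1980 + (wdate >> 9), (wdate >> 5) & 0x0F, wdate & 0x1F,
            wtime >> 11, (wtime >> 5) & 0x3F, (wtime & 0x1F) * 2),
        "first_cluster": cluster,
        "size": size,
    }

def parse_directory(blob):
    """Walk a raw directory region in 32-byte steps until the end marker."""
    entries = []
    for off in range(0, len(blob) - 31, 32):
        entry = parse_entry(blob[off:off + 32])
        if entry is None:
            break
        entries.append(entry)
    return entries

def _sample_entry(name11, attr, date, time, cluster, size):
    """Build a constructed 32-byte entry for the demo (not from a real image)."""
    return name11 + bytes([attr]) + bytes(10) + struct.pack("<HHHI", time, date, cluster, size)

# Constructed sample directory: one live file, one deleted hidden file, end marker.
SAMPLE_DIR = (
    _sample_entry(b"REPORT  DOC", 0x20, (26 << 9) | (3 << 5) | 14, (9 << 11) | (30 << 5) | 5, 2, 4096)
    + _sample_entry(b"\xe5ECRET  TXT", 0x22, (26 << 9) | (3 << 5) | 15, (23 << 11) | (59 << 5) | 29, 7, 512)
    + bytes(32)
)

if __name__ == "__main__":
    for e in parse_directory(SAMPLE_DIR):
        print(e)
```

The deleted entry keeps its extension, attributes, timestamp, starting cluster and size; only the first character of the name is gone.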

Common File System Types (Cont.)
- FAT 32
  - Expands the capabilities of FAT 16
  - Designed to accommodate large hard drives
  - Designed to use space more efficiently
  - 2 terabyte limit on partition size
  - 4GB file size (double FAT 16)

Common File System Types (Cont.)
- NTFS (New Technology File System) introduced the following features:
  - Long file name support
  - Ability to handle large storage devices
  - Built-in security controls
  - POSIX support
  - Volume striping
  - File compression
  - Master file table (MFT)

Common File System Types (Cont.)
- UNIX/Linux
  - Can handle many different file systems
  - UNIX file system (UFS) is most native format
  - Extended file system (EXT) is primarily used by Linux
  - UNIX uses inodes, clearinghouses of information about files on UNIX systems
  - To access the actual file system, a superblock is created

OSI Model
- Standard was needed for companies to communicate with each other via their computer systems
- OSI model released in 1984
- Created by the International Organization for Standardization (ISO)
- OSI model breaks down complexity of data communications into a simple layered approach

OSI Model (Cont.)
- Advantages of layered approach:
  - Different hardware/software vendors have a standard to follow for designing products
  - Collaboration between companies to develop network components is easier
  - Changes in one layer are not carried over into other layers
  - Network design is broken down into smaller, more manageable parts
  - Problem resolution is easier because problems are usually confined to a single layer

OSI Model (Cont.)
- Layer 7: Application layer functions
  - Allows access to network services that support applications
  - Handles network access, flow control, and error recovery
- Layer 6: Presentation layer functions
  - Converts all formats into a common uniform format
  - Protocol and character conversion
  - Encryption/decryption

OSI Model (Cont.)
- Layer 5: Session layer functions
  - Establishes identification to exclude non-communicating hosts
  - Establishes checkpoints
  - Manages data transmit times and length
- Layer 4: Transport layer functions
  - Regulates flow control
  - Uses acknowledgements
  - Enables error handling

OSI Model (Cont.)
- Layer 3: Network layer functions
  - Logical addressing (IP addressing)
  - Translating logical addresses to physical addressing
  - Packet switching
  - Routing

OSI Model (Cont.)
- Layer 2: Data link layer functions
  - Conversion of packets into raw bits
  - Error correction
  - Flow control
- Layer 1: Physical layer functions
  - Defines hardware standards
  - Transmits raw data over different mediums
  - Defines protocols on how to transmit raw data over different mediums

OSI Model (Cont.)
- Data flow in the OSI model
  - Protocols that function at each layer on Host A communicate with the corresponding layer on Host B
  - Protocol data units (PDUs) are used to include header information on the packet being sent from host to host
  - Each layer depends on the layer below it for services, and each layer above adds PDUs via encapsulation
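
The encapsulation described above can be followed byte by byte in the Python example below, which wraps a payload in TCP, IPv4 and Ethernet II headers and then strips them again, reporting the physical (MAC) and logical (IP) addresses found at each layer. It is an added example, not part of the original slides; the addresses, ports and payload are constructed sample values, the PDU names frame, packet and segment are the conventional ones, and checksums are left at zero.

```python
import socket
import struct

def build_frame(payload):
    """Encapsulate top-down: each layer prepends its own header (constructed sample)."""
    # Layer 4: TCP header (ports 49152 -> 80, PSH+ACK), checksum left 0 for brevity.
    segment = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
    # Layer 3: IPv4 header with logical (IP) addresses from documentation ranges.
    packet = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0,
                         socket.inet_aton("192.0.2.10"),
                         socket.inet_aton("198.51.100.20")) + segment
    # Layer 2: Ethernet II header with physical (MAC) addresses, EtherType 0x0800 = IPv4.
    return (bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
            + struct.pack("!H", 0x0800) + packet)

def _mac(raw):
    return ":".join("%02x" % b for b in raw)

def decapsulate(frame):
    """Strip headers bottom-up; return (per-layer header summary, application payload)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    layers = [{"layer": 2, "pdu": "frame", "src": _mac(frame[6:12]),
               "dst": _mac(frame[0:6]), "header_len": 14}]
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return layers, frame[14:]            # not IPv4: stop at layer 2
    packet = frame[14:]
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ihl = (packet[0] & 0x0F) * 4             # header length field counts 32-bit words
    total_len = struct.unpack("!H", packet[2:4])[0]
    if ihl < 20 or total_len < ihl or len(packet) < total_len:
        raise ValueError("inconsistent IPv4 lengths")
    layers.append({"layer": 3, "pdu": "packet", "src": socket.inet_ntoa(packet[12:16]),
                   "dst": socket.inet_ntoa(packet[16:20]), "header_len": ihl})
    segment = packet[ihl:total_len]          # total_len also trims Ethernet padding
    if packet[9] != 6:
        return layers, segment               # not TCP: stop at layer 3
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    data_off = (segment[12] >> 4) * 4
    if data_off < 20 or data_off > len(segment):
        raise ValueError("inconsistent TCP data offset")
    sport, dport = struct.unpack("!HH", segment[0:4])
    layers.append({"layer": 4, "pdu": "segment", "src": sport, "dst": dport,
                   "header_len": data_off})
    return layers, segment[data_off:]

if __name__ == "__main__":
    layers, data = decapsulate(build_frame(b"GET / HTTP/1.0\r\n\r\n"))
    for layer in layers:
        print(layer)
    print(data)
```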

TCP/IP Model
- De facto standard for communications
- Direct result of the Department of Defense efforts to require a protocol that could survive wartime situations and still communicate with other hosts via different communication mediums
- Has only four layers as compared to seven layers of OSI model

TCP/IP Model (Cont.)

OSI Model       TCP/IP Model
------------    -----------------
Application     Application
Presentation    Application
Session         Application
Transport       Transport
Network         Internet
Data Link       Network Interface
Physical        Network Interface

TCP/IP Model (Cont.)
- Application layer combines application, presentation, and session layers of OSI model
- Transport layer similar to that in OSI model
- Internet layer corresponds to layer of same name in OSI model in form and function
- Network interface layer combines data link layer and physical layer of OSI model

TCP/IP Model (Cont.)
- How data is transmitted on a network
- Switching networks
  - Packet switching
  - Circuit switching
  - Message switching

Summary
- The operating system is the program that controls the basic functions of a computer
- The OS is the intermediary between the hardware and the software of a computer
- Two types of interfaces
  - Command line (CLI)
  - Graphical user (GUI)

Summary (Cont.)
- Functions basic to an OS:
  - File management
  - Memory management
  - Job management
  - Device management
  - Security management
- There are a variety of operating systems:
  - Windows, UNIX/Linux, Macintosh, DOS

Summary (Cont.)
- Various file systems are used:
  - FAT16, FAT32, NTFS, EXT, UFS, etc.
- OSI model standardized the method of transmitting data on a network using a seven-layer approach
  - Application, presentation, session, transport, network, data link, and physical

Summary (Cont.)
- TCP/IP model consists of four layers:
  - Application, transport, Internet, network interface
  - De facto standard on the Internet
- Two address schemes are used to transmit data across networks
  - Logical addressing
  - Physical addressing