
Computer Forensics Principles and Practices by Volonino, Anzaldua, and Godwin Chapter 6: Operating Systems and Data Transmission Basics for Digital Investigations.


1 Computer Forensics Principles and Practices by Volonino, Anzaldua, and Godwin Chapter 6: Operating Systems and Data Transmission Basics for Digital Investigations

2 Objectives
- Define and recognize an operating system
- Identify the different types of operating system interfaces
- Identify the different components of an operating system
- Understand and identify the different file systems
© Pearson Education Computer Forensics: Principles and Practices

3 Introduction
- Hardware and software work together to run the computer.
- It is important to understand what operating system you are dealing with, in order to understand how and where data is stored on the storage device(s).
- This chapter provides this foundation.

4 What Is an Operating System?
- Simply stated, an operating system is a program that controls how a computer functions
  - OS controls how data is accessed, saved, and organized on a storage device
- Core of the operating system is called the kernel

5 Operating System Functions
- An operating system provides:
  - Some type of user interface
  - Single-user or multiple-user access to applications
  - File management
  - Memory management
  - Job management
  - Device management
  - Security

6 Types of Interfaces
- A user interface is the way a user communicates with the computer
- User interface may also be known as a shell
- Two major interface types:
  - Graphical user interface (GUI)
  - Command-line interface (CLI)

7 Categories of Use
- Single-user systems
  - Designed to be used by only one user
  - DOS is a single-user single-tasking system
  - Windows is a single-user multitasking system
- Multiple-user systems
  - Allow multiple users to access the same application
  - Servers and UNIX/Linux are multiple-user systems

8 File and Memory Management
- The OS controls reading, writing, accessing, and modification of data
- Basic units of file management are files and folders or directories
- Memory management deals with temporary storage or use of applications and data
- The OS controls where applications and data are stored in memory

9 Job and Device Management
- Computers can execute only one instruction at a time per processor or CPU
- The OS controls the order in which tasks or jobs are processed
- The OS acts as an intermediary between application software and physical hardware
- The OS uses device drivers to manage hardware devices

10 Security
- The primary method of security is to have users authenticate with their credentials when they log in to a system
- Newer operating systems implement rights and permissions on files and folders to increase the security of the OS

11 Common Operating Systems
- DOS
- Windows
- Linux
- UNIX
- Macintosh

12 DOS and Windows 3.X
- DOS was one of the first personal computer operating systems
- Command-line interface required users to know DOS commands and syntax
- Windows 3.1 was the first stable GUI from Microsoft
- Windows 3.1 was an application on top of DOS rather than a true operating system
- Windows 3.11 added network capability

13 Windows 95 and Windows 98
- Windows 95 innovations include
  - Plug and play
  - Registry
  - Network and Internet capability
- Windows 98 enhancements include
  - Power management features
  - Upgrade capability via the Internet
  - Automated registry checks and repairs
  - Upgraded plug and play support

14 Windows NT
- Windows NT (New Technology) innovations include:
  - Privileged mode, which allows NT to isolate applications so one can be shut down without affecting others
  - Support for multiple CPU processors
  - Multilayered security functions such as
    - File and folder access protection via permissions
    - Network share protection and auditing capability
    - Use of domain controllers

15 Windows 2000
- Windows 2000 is based on NT technology, with some improvements in the areas of security and networking:
  - Group policies
  - Secure authentication
  - File encryption

16 Windows XP
- Same kernel as Windows 2000
- New GUI, simple firewall, remote control access, and increased speed of OS
- Versions: XP Home, XP Professional
- Server versions: Server 2003
- XP Home is the upgrade path from Windows ME

17 Windows Vista and 7
- Various versions of each created
- Updated GUI and search function
- Improved backup and restore features (shadow copies and restore points)
- Improved home networking and peer-to-peer communication features
- New version of .NET Framework built-in
- Improved security to stop common exploits and vulnerabilities
- Logical disk manager allows shrinking volumes
- Virtual hard disk support (Win 7)

18 Linux
- Linux is a relatively new OS based on the UNIX OS
- Linux advantages:
  - Free or inexpensive
  - Can run on older equipment
  - Can run a multitude of hardware platforms
  - Fast and stable

19 UNIX
- Most operating systems can trace their roots to UNIX
- Two main “camps” in the UNIX world:
  - Berkeley Software Distribution (BSD)
  - System V Release 4 (SVR4)
- UNIX is a true multiuser multitasking OS designed with security in mind
- UNIX can use either a CLI or GUI

20 Macintosh
- Macintosh was the first stable GUI and still the most intuitive GUI on the market
- Initial Apple philosophy was tight control over hardware and software
- Recently Apple changed processors, which allows a Mac to also run Windows XP

21 Common File System Types
- Function of a file system is to manage files and folders on a system
- The OS performs the following to help with this:
  - Partitions and formats storage devices
  - Creates a standard for naming files and folders
  - Maintains the integrity of files and folders
  - Provides for error recovery
  - Provides for security of the file system

22 Common File System Types (Cont.)
- FAT (file allocation table) file system
  - File allocation table is a directory the OS uses to keep track of where files are
  - Root directory is the top directory on a FAT system
- FAT16
  - Uses 16 bits in the file allocation table
  - Uses the 3-character extension to identify file type
  - Can assign attributes to files and folders

23 Common File System Types (Cont.)
- FAT32
  - Expands the capabilities of FAT16
  - Designed to accommodate large hard drives
  - Designed to use space more efficiently
  - 2 terabyte limit on partition size
  - 4 GB file size (double FAT16)

24 Common File System Types (Cont.)
- NTFS (New Technology File System) introduced the following features:
  - Long file name support
  - Ability to handle large storage devices
  - Built-in security controls
  - POSIX support
  - Volume striping
  - File compression
  - Master file table (MFT)

25 Common File System Types (Cont.)
- UNIX/Linux
  - Can handle many different file systems
  - UNIX file system (UFS) is most native format
  - Extended file system (EXT) is primarily used by Linux
  - UNIX uses inodes, clearinghouses of information about files on UNIX systems
  - To access the actual file system, a superblock is created
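
Added example (not from the slides or the textbook): one way an examiner can tell which of the file systems above a volume image holds, by reading its boot sector and superblock instead of trusting a label. The function names and sample volumes are constructed for illustration; the offsets are the standard FAT BIOS Parameter Block fields, the NTFS OEM ID, and the ext superblock magic.

```python
import struct

EXT_MAGIC = 0xEF53  # ext superblock magic: byte offset 1024 + 56 = 1080

def classify_fat(sector):
    """Return "FAT12"/"FAT16"/"FAT32" from the BIOS Parameter Block, else None."""
    (bps, spc, reserved, nfats, root_entries,
     tot16, _media, fatsz16) = struct.unpack_from("<HBHBHHBH", sector, 11)
    tot32, fatsz32 = struct.unpack_from("<II", sector, 32)
    if bps not in (512, 1024, 2048, 4096) or spc == 0 or nfats == 0:
        return None                      # not a plausible FAT BPB
    fat_size = fatsz16 or fatsz32        # FAT32 leaves the 16-bit field at 0
    total = tot16 or tot32
    root_sectors = (root_entries * 32 + bps - 1) // bps
    data_sectors = total - (reserved + nfats * fat_size + root_sectors)
    if fat_size == 0 or data_sectors <= 0:
        return None
    # The variant is defined by the data-cluster count, not by a label string.
    clusters = data_sectors // spc
    return "FAT12" if clusters < 4085 else "FAT16" if clusters < 65525 else "FAT32"

def identify_filesystem(volume):
    """Classify the first bytes of a volume image without modifying it."""
    if len(volume) >= 512 and volume[510:512] == b"\x55\xaa":
        kind = "NTFS" if volume[3:11] == b"NTFS    " else classify_fat(volume)
        if kind:
            return kind
    if len(volume) >= 1082 and struct.unpack_from("<H", volume, 1080)[0] == EXT_MAGIC:
        return "EXT"
    return "unknown"

def make_boot_sector(oem, spc=8, reserved=0, nfats=0, root_entries=0,
                     fatsz16=0, tot32=0, fatsz32=0):
    """Build a constructed 512-byte boot sector (sample data, not evidence)."""
    s = bytearray(512)
    s[3:11], s[510:512] = oem, b"\x55\xaa"
    struct.pack_into("<HBHBHHBH", s, 11, 512, spc, reserved, nfats,
                     root_entries, 0, 0xF8, fatsz16)
    struct.pack_into("<II", s, 32, tot32, fatsz32)
    return bytes(s)

SAMPLES = {  # constructed volumes
    "fat16": make_boot_sector(b"MSDOS5.0", spc=4, reserved=1, nfats=2,
                              root_entries=512, fatsz16=128, tot32=131072),
    "fat32": make_boot_sector(b"MSDOS5.0", spc=8, reserved=32, nfats=2,
                              tot32=2097152, fatsz32=2048),
    "ntfs": make_boot_sector(b"NTFS    "),
    "ext": bytes(1080) + struct.pack("<H", EXT_MAGIC) + bytes(966),
}
print({name: identify_filesystem(v) for name, v in SAMPLES.items()})
```

The ext magic is shared by ext2, ext3 and ext4, so this check identifies the family only.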

26 Summary
- The operating system is the program that controls the basic functions of a computer
- The OS is the intermediary between the hardware and the software of a computer
- Two types of interfaces
  - Command line (CLI)
  - Graphical user (GUI)

27 Summary (Cont.)
- Functions basic to an OS:
  - File management
  - Memory management
  - Job management
  - Device management
  - Security management
- There are a variety of operating systems:
  - Windows, UNIX/Linux, Macintosh, DOS

28 Summary (Cont.)
- Various file systems are used:
  - FAT16, FAT32, NTFS, EXT, UFS, etc.

