DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
(CYBER SECURITY)
LABORATORY MANUAL
ACADEMIC YEAR: 2025-2026
COURSE CODE: CB3601
COURSE NAME: CYBER FORENSICS LABORATORY
REGUALATION: R-2021
LAB IN-CHARGE: [Link] PANDIAN, AP/CSE(AIML)
Prepared By Verified By
Mr.S. KARUPPASAMY PANDIAN [Link]
AP/CSE (AIML) HoD / CSE(AIML)
Approved By
� INSTITUTE MISSION
1 Providing comprehensive learning environment
2 Imparting state-of-the-art technology to fulfil the needs of the students and Industry
3 Establishing Industry-Institute alliance for bilateral benefits
4 Promoting Research and Development activities
5 Offering student lead activities to inculcate ethics, social responsibilities, entrepreneurial,
and leadership skills
INSTITUTE VISION
To become a centre of excellence in preparing engineering with excellent technical, scientific
research and entrepreneurial abilities to contribute to the society.
DEPARTMENT VISION
To become a center of excellence in Artificial Intelligence and Machine Learning by nurturing innovation,
ethical responsibility, and technical competence to solve real-world problems for societal betterment
DEPARTMENT MISSION
To impart strong theoretical foundations and practical skills in Artificial Intelligence, Machine
1 Learning, and Computer Science through a structured academic framework
To promote innovation, research, and entrepreneurship by providing exposure to real-world
2 applications and interdisciplinary collaboration
To cultivate ethical, socially responsible, and lifelong learners who are equipped to face the
3 evolving challenges in AI and ML domains.
� PROGRAMME EDUCATIONAL OBJECTIVES
Apply their technical competence in computer science to solve real world problems,
PEO – I
with technical and people leadership
Conduct cutting edge research and develop solutions on problems of social
PEO – II
relevance.
Work in a business environment, exhibiting team skills, work ethics, adaptability and
PEO-III
lifelong learning.
PROGRAMME SPECIFIC OUTCOMES
Exhibit design and programming skills to build and automate business solutions
PSO – I
using cutting edge technologies.
Strong theoretical foundation leading to excellence and excitement towards
PSO – II
research, to provide elegant solutions to complex problems.
Ability to work effectively with various engineering fields as a team to design,
PSO-III
build and develop system applications.
SYLLABUS
� Course
COURSE NAME L T P C
Code
CB3601 CYBER FORENSICS 3 0 4 5
COURSE OBJECTIVES:
To learn cyber crime and forensics
To become familiar with forensics tools
To learn to analyze and validate forensics data
To understand cyber laws and the admissibility of evidence with case studies
To learn the vulnerabilities in network infrastructure with ethical hacking
LIST OF EXPERIMENTS
Sl. No List of Experiments
Study and explore the following forensic tools- FTK Imager, Autopsy, EnCase Forensic Imager,
1 LastActivityView, USBDeview
2 To understand and perform the recovery of deleted files using FTK Imager.
Acquire a forensic image of a hard disk using EnCase Forensics Imager and validate its integrity
3
through hashing.
4 Restore a previously acquired forensic image using EnCase Forensics Imager and validate its
integrity.
5 Collect email evidence from the victim's PC and extract browser artifacts using Chrome History
View
6 Identify USB devices connected to a system using USBDeview.
7 To perform a live forensics investigation using the Autopsy tool.
8 Understand and perform email tracking and tracing to find the source and route of an email.
9 Content Beyond Syllabus: Disk & File System Forensics
10 Model Practical Examination
Lab Requirements: for a batch of 60 students
Operating Systems: Linux / Windows - Hard Disk, Network switch & LAN connectivity
Tools: FTK Imager, Autopsy
TOTAL: 30 PERIODS
COURSE OUTCOMES:
At the end of this course, the students will be able to:
CO1: Understand the basics of cyber crime and computer forensics
� CO2: Apply a number of different computer forensic tools to a given scenario
CO3: Analyze and validate forensics data
CO4: Understand Admissibility of evidence in India with Cyber laws and Case Studies
CO5: Identify the vulnerabilities in a given network infrastructure
CO6: Implement real-world hacking techniques to test system security
PLAN OF IMPLEMENTATION
Number
Sl. No Cumulative Requiremen
List of Experiments of periods
periods t
planned
Study and explore the following forensic tools- FTK
Imager, Autopsy, EnCase Forensic Imager,
1 4 4
LastActivityView, USBDeview
To understand and perform the recovery of deleted files
2 4 8
using FTK Imager. Operating
Acquire a forensic image of a hard disk using EnCase Systems:
3 Forensics Imager and validate its integrity through 4 12 Windows ,
hashing. Hard Disk,
4 Restore a previously acquired forensic image using Network
4 16
EnCase Forensics Imager and validate its integrity. switch &
5 Collect email evidence from the victim's PC and extract LAN
4 20
browser artifacts using Chrome History View connectivity
6 Identify USB devices connected to a system using Tools:
4 24
USBDeview. FTK
7 To perform a live forensics investigation using the Imager,
3 27
Autopsy tool. Autopsy
8 Understand and perform email tracking and tracing to
3 30
find the source and route of an email.
9 Content Beyond Syllabus: Disk & File System
3 33
Forensics
10 Model Practical Examination 3 36
